Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Rsystem Spdates Applicatioanjrq] 'Start' = '00000002'
- <SYSTEM32>\svchost.exe -k netsvcs
- %TEMP%\Xy116312nd.temp
- <SYSTEM32>\svchosu.dll
- %TEMP%\TEAM25.reg
- %TEMP%\MyInformations.ini
- %TEMP%\fengshao0.txt
- %TEMP%\MyInformations.ini
- %TEMP%\TEAM25.reg
- %TEMP%\fengshao0.txt
- 'g2#.#322.org':2011
- DNS ASK g2#.#322.org