Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\JVNU] 'Start' = '00000002'
- <SYSTEM32>\svcd\svchost.exe
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CJCTQ25G\t_muz[1]
- <SYSTEM32>\SvcNm
- <SYSTEM32>\svcd\svchost.exe
- 'ad###-pool.com':80
- ad###-pool.com/cgi-bin/npr/web/t_muz.cgi?ma##########################################################
- DNS ASK ad###-pool.com