Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = 'Explorer.exe <DRIVERS>\svchost.exe'
- <DRIVERS>\svchost.exe
- <DRIVERS>\svchost.exe
- %TEMP%\~DF4517.tmp
- 'lo#####t.servebeer.com':8246
- DNS ASK lo#####t.servebeer.com