Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\DNS Services] 'Start' = '00000002'
- %WINDIR%\lsass.exe
- %TEMP%\dns.exe
- %TEMP%\b.exe -p11591159
- %WINDIR%\lsass.exe
- C:\Documents and Settings\LocalService\Local Settings\Application Data\sLT.exf
- %TEMP%\b.exe
- %TEMP%\dns.exe
- %TEMP%\b.exe
- 'pa##orum.us':80
- pa##orum.us/
- DNS ASK pa##orum.us
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''