Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'WindowsConfig' = '%WINDIR%\WindowsConfig\scvhost.exe'
- <SYSTEM32>\reg.exe add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v WindowsConfig /t REG_SZ /d %WINDIR%\WindowsConfig\scvhost.exe /f
- <SYSTEM32>\cmd.exe /c %WINDIR%\windows.bat
- <SYSTEM32>\attrib.exe +r +h %WINDIR%\WindowsConfig\scvhost.exe
- %WINDIR%\windows.bat
- %WINDIR%\WindowsConfig\scvhost.exe
- %WINDIR%\WindowsConfig\scvhost.exe
- 'n3#.#o-ip.biz':5889
- DNS ASK n3#.#o-ip.biz