Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\svchost] 'Start' = '00000002'
- %WINDIR%\US1\svchost.exe
- %WINDIR%\US1\sv\svchost.exe
- %TEMP%\ivtp.exe vtpserverip.no-ip.org off unknown
- <SYSTEM32>\ipconfig.exe /flushdns
- <SYSTEM32>\sc.exe start svchost
- <SYSTEM32>\sc.exe create svchost binpath= "%WINDIR%\US1\sv\svchost.exe" type= own start= auto
- %WINDIR%\US1\init_info
- %WINDIR%\US1\CW\wget.exe
- %TEMP%\ivtp.exe
- %WINDIR%\US1\sv\svchost.exe
- %WINDIR%\US1\svchost.exe
- 'us###.ugent.be':80
- 'wp#d':80
- 'vt#####erip.no-ip.org':10000
- us###.ugent.be/~bpuype/cgi-bin/fetch.pl?dl##############
- wp#d/wpad.dat
- DNS ASK us###.ugent.be
- DNS ASK wp#d
- DNS ASK vt#####erip.no-ip.org