Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'SUROWND' = 'C:\Boot.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'ProxyOverride' = 'local'
- C:\Unistall.pac
- C:\Boot.exe
- 'www.pa##eg.com':80
- 'www.ma###knip.nl':80
- www.pa##eg.com/home2/translations/old.pac
- www.ma###knip.nl/extras/extras/gh.php
- DNS ASK www.pa##eg.com
- DNS ASK www.ma###knip.nl