Техническая информация
- [HKLM\System\CurrentControlSet\Services\SrvMngmnt] 'Start' = '00000002'
- [HKLM\System\CurrentControlSet\Services\SrvMngmnt] 'ImagePath' = 'C:\Users\Public\SysApps\SrvMngmnt.exe'
- 'SrvMngmnt' C:\Users\Public\SysApps\SrvMngmnt.exe
- C:\users\public\sysapps\srvmngmnt.exe
- <Текущая директория>\flashgame.exe
- %APPDATA%\macromedia\flash player\macromedia.com\support\flashplayer\sys\settings.sxx
- %APPDATA%\macromedia\flash player\macromedia.com\support\flashplayer\sys\settings.sol
- %APPDATA%\macromedia\flash player\macromedia.com\support\flashplayer\sys\settings.sxx в %APPDATA%\macromedia\flash player\macromedia.com\support\flashplayer\sys\settings.sol
- %APPDATA%\macromedia\flash player\macromedia.com\support\flashplayer\sys\settings.sxx
- %APPDATA%\macromedia\flash player\macromedia.com\support\flashplayer\sys\settings.sol
- 'bi####.byethost33.com':80
- 'se####.cpmstar.com':80
- http://bi####.byethost33.com/post/event.php?ev#####################
- http://se####.cpmstar.com/adviewas3.swf?po#######################
- http://se####.cpmstar.com/view.aspx?xm###########################################################################################################################################################...
- http://se####.cpmstar.com/cached/flashadv11.js
- http://se####.cpmstar.com/trueup.aspx?po##############
- DNS ASK bi####.byethost33.com
- DNS ASK se####.cpmstar.com
- '<Текущая директория>\flashgame.exe'