Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\WinNsi] 'Start' = '00000002'
- '<SYSTEM32>\cmd.exe' /c %TEMP%\\248406.bAt
- '<SYSTEM32>\svchost.exe' -k WinNsi
- %TEMP%\248406.bAt
- C:\bootmgr.sys
- C:\bootmgr.sys
- 'pc#.#6xs.com':80
- pc#.#6xs.com/favicon.ico
- DNS ASK pc#.#6xs.com