Technical information
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = '<SYSTEM32>\userinit.exe,summt.exe'
- %WINDIR%\Explorer.EXE
- [<HKCU>\Software\Yahoo\pager]
- <SYSTEM32>\summt.exe