Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] 'Microsoft Corp' = '%APPDATA%\svchosts.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Microsoft Corp' = '%APPDATA%\svchosts.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Microsoft Corp' = '%APPDATA%\svchosts.exe'
- '%APPDATA%\svchosts.exe'
- %APPDATA%\svchosts.exe
- %APPDATA%\svchosts.exe
- 'qa###vmape.org':4723
- 'ea###umlae.org':4723
- 'ja###wmals.org':4723
- 'te###taxel.org':4723
- 'ti###pdates.ru':4723
- DNS ASK qa###vmape.org
- DNS ASK ea###umlae.org
- DNS ASK ja###wmals.org
- DNS ASK te###taxel.org
- DNS ASK ti###pdates.ru
- ClassName: 'Indicator' WindowName: '(null)'