Техническая информация
- <SYSTEM32>\svchost.exe
- %TEMP%\1.hiv
- %TEMP%\2.hiv
- %HOMEPATH%\Local Settings\help.dll
- %TEMP%\~ATEMP.CPL
- %TEMP%\~ATEMP.CPL.bak
- %TEMP%\2.hiv
- %TEMP%\~ATEMP.CPL
- %TEMP%\~ATEMP.CPL.bak
- %TEMP%\1.hiv
- 'qu#####s.ishidden.net':8001
- DNS ASK qu#####s.ishidden.net