Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'SysRun' = '{D7FFD784-5276-42D1-887B-00267870A4C7}'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '<SYSTEM32>\wininet.exe' = '<SYSTEM32>\wininet.exe:*:Enabled:Windows XP Update'
- <SYSTEM32>\wininet.exe
- <SYSTEM32>\winint.exe
- <SYSTEM32>\svshost.dll
- <SYSTEM32>\wininet.exe
- '67.##7.137.176':443
- 'ni##mk.com':80
- ni##mk.com?dd######################################################################
- ni##mk.com?dd################
- DNS ASK ni##mk.com