Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 'AppInit_DLLs' = ',%TEMP%\3919ymg.dll'
- <SYSTEM32>\cmd.exe /c ""%TEMP%\a.baT" "
- %TEMP%\a.baT
- %TEMP%\3919ymg.dll
- 'ch###hou.net':80
- ch###hou.net/m/count.asp?in###################
- DNS ASK ch###hou.net
- ClassName: 'GxWindowClassD3d' WindowName: ''