Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'explorer' = '%WINDIR%\svchos.exe'
- <SYSTEM32>\svchost.exe
- [<HKCU>\Software\Yahoo\pager]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\game[1].txt
- %WINDIR%\svchost.exe
- %TEMP%\aut1.tmp
- %TEMP%\wmqscwi
- %TEMP%\wmqscwi
- %TEMP%\aut1.tmp
- 'tu####h2701.t35.com':80
- tu####h2701.t35.com/game.txt
- DNS ASK tu####h2701.t35.com