Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Host Generic Process] 'ImagePath' = '<DRIVERS>\svchost.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Host Generic Process] 'Start' = '00000002'
- '%TEMP%\build.exe'
- '<DRIVERS>\svchost.exe'
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\000.bat" "
- '%WINDIR%\Autist.exe' -p123 -d%HOMEPATH%\Local Settings\Temp
- <DRIVERS>\svchost.exe
- C:\Documents and Settings\LocalService\Local Settings\Application Data\sLT.exf
- %TEMP%\build.exe
- %WINDIR%\000.bat
- %WINDIR%\Autist.exe
- 'ad####g5.bget.ru':80
- http://ad####g5.bget.ru/
- DNS ASK ad####g5.bget.ru
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''