Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Windows Apxplicatioan] 'Start' = '00000002'
- <SYSTEM32>\svchost.exe -k netsvcs
- %WINDIR%\Svchost.reg
- %TEMP%\146593_tem.info
- %WINDIR%\hfsetemp.ini
- %WINDIR%\Svchost.txt
- %WINDIR%\hfsetemp.ini
- %WINDIR%\Svchost.reg
- %WINDIR%\Svchost.txt
- 'yi#####78828.3322.org':83
- DNS ASK yi#####78828.3322.org