Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'SysRun' = '{D7FFD784-5276-42D1-887B-00267870A4C7}'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '<SYSTEM32>\wininet.exe' = '<SYSTEM32>\wininet.exe:*:Enabled:Windows XP Update'
- <SYSTEM32>\wininet.exe
- <SYSTEM32>\svshost.dll
- <SYSTEM32>\wininet.exe
- '67.##7.137.176':443
- 'gi####achita.com':80
- gi####achita.com?dd#####################################################################
- gi####achita.com?dd################
- DNS ASK gi####achita.com