Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{NLXAA1W-12NEG4-2F74E7-FL1EXJ-ACVPA33X86}] 'StubPath' = '%APPDATA%\msconfig.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows Config' = '%APPDATA%\msconfig.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows Config' = '%APPDATA%\msconfig.exe'
- %APPDATA%\msconfig.exe
- 'pi####es4us.co.cc':80
- 'wp#d':80
- pi####es4us.co.cc/userdb/command.txt
- pi####es4us.co.cc/userdb/usersonline.php
- wp#d/wpad.dat
- DNS ASK pi####es4us.co.cc
- DNS ASK wp#d
- ClassName: 'Indicator' WindowName: ''