Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\0FB466CA] 'Start' = '00000002'
- '<SYSTEM32>\svchost.exe' "<Полный путь к вирусу>"
- '<SYSTEM32>\svchost.exe'
- <SYSTEM32>\svchost.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\inix[1].exe
- %TEMP%\68446185.exe
- %TEMP%\stinst.log
- <SYSTEM32>\263481034.sys
- 'www.ha##me.com':80
- '12#.#25.114.144':80
- www.ha##me.com/dp/inix.exe
- 12#.#25.114.144/
- DNS ASK www.ha##me.com
- DNS ASK www.ba##u.com