Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'sysback' = 'sysback.exe'
- '<SYSTEM32>\sysback.exe'
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\sysback.exe
- <SYSTEM32>\wintb.dll
- <SYSTEM32>\winup.ini
- '14#.#44.144.254':80
- 14#.#44.144.254/asp/script/iischeckol.asp?my################################################
- DNS ASK www.dd##mmx.com