Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run] 'WinDrv' = '%WINDIR%\services.exe'
- '%WINDIR%\fwbmz.dll' "%WINDIR%\services.exe" webbrowser
- '<SYSTEM32>\cmd.exe' /c %WINDIR%\win.bat
- '<SYSTEM32>\cmd.exe' /c %TEMP%\Melt.bat
- %WINDIR%\fwbmz.dll
- %WINDIR%\win.bat
- %WINDIR%\win.dll
- %WINDIR%\services.exe
- %TEMP%\ex.jpg
- %TEMP%\Melt.bat
- 'wi#####.servehttp.com':210
- DNS ASK wi#####.servehttp.com