Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'rundll' = '%WINDIR%\runhostdl.exe'
- %WINDIR%\wscript.exe
- %APPDATA%\setdebug.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\blog[1]
- %WINDIR%\wscript.exe
- %APPDATA%\setdebug.exe
- 'lj#####sn2.pixnet.net':80
- '74.##5.232.51':443
- 'localhost':1036
- 'localhost':1037
- lj#####sn2.pixnet.net/blog
- DNS ASK sp#####heets.google.com
- DNS ASK do##.google.com
- DNS ASK lj#####sn2.pixnet.net
- ClassName: '' WindowName: 'wscript'
- ClassName: '' WindowName: 'runhostdl'
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: '' WindowName: 'setdebug'
- ClassName: '' WindowName: 'QmbujovnDmjq'
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''