Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Host Process' = '%HOMEPATH%\svchost.exe'
- %HOMEPATH%\svchost.exe
- %HOMEPATH%\x1.dat
- %HOMEPATH%\!]rok744xee=;5{fiba`!!lm`7mv}
- %HOMEPATH%\svchost.exe
- %HOMEPATH%\svchost.exe
- %TEMP%\~DFF604.tmp
- 'wa###play.com':80
- wa###play.com/?ty###############
- wa###play.com/?ty################
- wa###play.com/?ty#############
- wa###play.com/?ty##############
- DNS ASK wa###play.com
- ClassName: 'SunAwtDialog' WindowName: 'Options'
- ClassName: 'SunAwtWindow' WindowName: ''
- ClassName: 'SunAwtFrame' WindowName: ''
- ClassName: 'ToolbarWindow32' WindowName: 'Notification Area'
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'TrayNotifyWnd' WindowName: ''
- ClassName: 'SysPager' WindowName: ''