Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'MSUpdate' = '%HOMEPATH%\My Documents\MSWIN\mswinupdate.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'UserInit' = '<SYSTEM32>\userinit.exe,%HOMEPATH%\My Documents\MSWIN\mswinupdate.exe'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{441EE11E-41A6-FF73-22A8-03A7808606C9}] 'StubPath' = '%WINDIR%\mswin.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'mswin' = '%WINDIR%\mswin.exe'
- '%HOMEPATH%\My Documents\MSWIN\mswinupdate.exe'
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE'
- '%HOMEPATH%\My Documents\MSWIN\mswinupdate.exe'
- %WINDIR%\Explorer.EXE
- IEXPLORE.EXE
- %HOMEPATH%\My Documents\MSWIN\mswinupdate.exe
- %WINDIR%\mswin.exe
- 'hs####.no-ip.org':3460
- DNS ASK hs####.no-ip.org