Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\WinNTsystem \Parameters] 'ServiceDll' = '<SYSTEM32>\winsp2dmod.dll'
- [<HKLM>\SYSTEM\ControlSet001\Services\WinNTsystem ] 'ImagePath' = '<SYSTEM32>\svchost.exe -k netsvcs'
- [<HKLM>\SYSTEM\ControlSet001\Services\WinNTsystem ] 'Start' = '00000002'
- '<SYSTEM32>\svchost.exe' -k netsvcs
- <SYSTEM32>\winsp2dmod.dat
- <SYSTEM32>\winsp2dmod.dll
- <SYSTEM32>\winsp2dmod.tmp
- 'dh####d.3322.org':1888
- DNS ASK dh####d.3322.org