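Техническая информация
Подзаголовки разделов в этом фрагменте не сохранились: ниже подряд перечислены записи реестра, пути к файлам, сетевые адреса и запросы, а также классы окон. Символы «#» в доменах, IP-адресе и URL — по-видимому, маскировка из исходного описания, поэтому эти значения неполны и для точного сопоставления или блокировки требуют восстановления по другому источнику.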
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = 'Explorer.exe' (совпадает со стандартным значением Windows, поэтому само по себе не служит индикатором заражения)
- [<HKLM>\SYSTEM\ControlSet001\Services\NdisFileServices32] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы)
- <SYSTEM32>\wmdrtc32.dll
- <DRIVERS>\gnrlgn.sys
- <SYSTEM32>\wmdrtc32.dl_
- %TEMP%\1.exe
- %TEMP%\2.exe
- <DRIVERS>\gnrlgn.sys
- 'www.lu####dnd2kdnc.info':80
- 'www.f5####kkk4d.info':80
- 'www.hk####123ncs.info':80
- 'www.h7#####1wlsdn34fgv.info':80
- 'www.g1#####vns3sdsal.info':80
- '68.##9.171.153':5001
- 'localhost':5001 (локальное соединение; внешним сетевым индикатором не является)
- 'www.in####1ongung.info':80
- 'www.bp##02.com':80
- www.lu####dnd2kdnc.info/p_new/?rn#######################
- www.h7#####1wlsdn34fgv.info/p_new/?rn#######################
- www.hk####123ncs.info/p_new/?rn#######################
- www.f5####kkk4d.info/p_new/?rn#######################
- www.bp##02.com/p_new/?rn#######################
- www.in####1ongung.info/p_new/?rn#######################
- www.g1#####vns3sdsal.info/p_new/?rn#######################
- DNS ASK www.lu####dnd2kdnc.info
- DNS ASK www.f5####kkk4d.info
- DNS ASK www.hk####123ncs.info
- DNS ASK www.h7#####1wlsdn34fgv.info
- DNS ASK www.bp##02.com
- DNS ASK www.microsoft.com (легитимный домен; в списки блокировки и сигнатуры не включать)
- DNS ASK www.g1#####vns3sdsal.info
- DNS ASK www.in####1ongung.info
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: '' (стандартный класс окна панели задач Windows)