Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'GootkitSSO' = '{4B85434E-23A0-4319-916B-63F45AA8445B}'
- <SYSTEM32>\svchost.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\bootstrap[1]
- <SYSTEM32>\msxsltsso.dll
- '78.##0.15.82':80
- 'localhost':1034
- 78.##0.15.82/bootstrap