Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Host Generic Process] 'Start' = '00000002'
- <DRIVERS>\svchost.exe
- <SYSTEM32>\drwtsn32.exe
- C:\Documents and Settings\LocalService\Local Settings\Application Data\sLT.exf
- <DRIVERS>\svchost.exe
- 'pb####ral.zzl.org':80
- pb####ral.zzl.org/
- DNS ASK pb####ral.zzl.org
- ClassName: 'Shell_TrayWnd' WindowName: ''