Техническая информация
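- [<HKLM>\SYSTEM\ControlSet001\Services\KernelLoader] 'Start' = '00000001' (значение Start = 1 соответствует типу запуска SERVICE_SYSTEM_START: драйвер загружается при старте системы)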
- <SYSTEM32>\config\svhost32.exe
- <SYSTEM32>\config\app.exe
- <SYSTEM32>\config\svhost32.exe
- <SYSTEM32>\config\svhost32.exe
- <SYSTEM32>\config\app.exe
- %WINDIR%\KernelLoader.sys
- %TEMP%\~1.bat
- <LS_APPDATA>\svchost32.exe
- <LS_APPDATA>\app.exe
- %TEMP%\~1.bat
- <LS_APPDATA>\app.exe
- <LS_APPDATA>\svchost32.exe
- %TEMP%\~1.bat
- 'st####.gadu-gadu.pl':80
- st####.gadu-gadu.pl/users/status.asp?id################
- DNS ASK st####.gadu-gadu.pl