Техническая информация
- [<HKLM>\SOFTWARE\Classes\exfile\shell\open\command] '' = 'mdm32 %1 %*'
- [<HKLM>\SOFTWARE\Classes\.exe] '' = 'exfile'
- [<HKLM>\SYSTEM\ControlSet001\Services\MSTD] 'Start' = '00000002'
- '<SYSTEM32>\mstd.exe'
- '<SYSTEM32>\mstd.exe' -service
- '<SYSTEM32>\ping.exe' 127.0.0.1
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\tmp.bat" "
- %TEMP%\tmp.bat
- <SYSTEM32>\mdm32.exe
- <SYSTEM32>\mstd.exe
- 'dn.##nggui.com':80
- dn.##nggui.com/dlist.htm
- DNS ASK dn.##nggui.com