Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\userinit.exe] 'Debugger' = 'monfvideo.exe'
- %WINDIR%\Explorer.EXE
- opera.exe
- <SYSTEM32>\monfvideo.exe
- 'la###cars.net':80
- 'ro#####acie.myftp.org':80
- 'lo####kye.my03.com':80
- '74.##5.232.51':80
- 'af##ind.com':80
- 'qu##box.com':80
- 74.##5.232.51/
- ro#####acie.myftp.org/dot/?12########
- lo####kye.my03.com/dot/?-2#########
- la###cars.net/dot/?12#######
- af##ind.com/dot/?-2#######
- qu##box.com/dot/?-2#########
- DNS ASK ro#####acie.myftp.org
- DNS ASK lo####kye.my03.com
- DNS ASK ne#####hpef.mrbasic.com
- DNS ASK la###cars.net
- DNS ASK www.google.com
- DNS ASK af##ind.com
- DNS ASK qu##box.com