Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = '<SYSTEM32>\userinit.exe,qdnht.exe'
- %WINDIR%\Explorer.EXE
- [<HKCU>\Software\Yahoo\pager]
- <SYSTEM32>\qdnht.exe
- 'vc####.foodbank2.com':80
- vc####.foodbank2.com/vca322/vca322.bmp
- vc####.foodbank2.com/vca322/vca322.jpg
- vc####.foodbank2.com/vca322/vca322.gif
- DNS ASK www.xa##u.com
- DNS ASK vc####.foodbank2.com
- DNS ASK www.su###bbs.com