Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] '{56289A50-1278-3451-9205-AF73A67000AE}' = 'Advanced Network Transport'
- '<SYSTEM32>\rundll32.exe' "<SYSTEM32>\advnt.dll",InitF
- '<SYSTEM32>\rundll32.exe' "mprcadv.dll",#1
- %TEMP%\adv0361.tmp
- <SYSTEM32>\advnt.dll
- <Текущая директория>\mprcadv.dll
- <Текущая директория>\mprcadv.dll
- %TEMP%\adv0361.tmp
- 'ir##ng.org':80
- ir##ng.org/~mark/cgi-bin/sptr.cgi?CR####################
- ir##ng.org/~mark/cgi-bin/brvc.cgi?CR####################
- DNS ASK ir##ng.org