Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mdhcp32] 'Startup' = 'WinStart2EX'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mdhcp32] 'DllName' = 'mdhcp32.dll'
- <SYSTEM32>\dll.dll
- <SYSTEM32>\crt.dat
- <Текущая директория>\sname
- <SYSTEM32>\shimg.dll
- <SYSTEM32>\dll.dll
- 'ca###.trillinux.org':80
- '18#.#11.24.250':443
- '74.##5.232.51':80
- ca###.trillinux.org/g2/bazooka.php?ne####################################
- DNS ASK ca###.trillinux.org
- DNS ASK www.google.com