Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mdhcp32] 'Startup' = 'WinStart2EX'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mdhcp32] 'DllName' = 'mdhcp32.dll'
- <SYSTEM32>\dll.dll
- <SYSTEM32>\crt.dat
- <Текущая директория>\sname
- <SYSTEM32>\shimg.dll
- <SYSTEM32>\dll.dll
- 'gw##.wodi.org':80
- '89.##8.171.19':8014
- '74.##5.232.51':80
- gw##.wodi.org/skulls.php?ne####################################
- DNS ASK gw##.wodi.org
- DNS ASK www.google.com