Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'LGootkitSSO' = '{67ADB426-27D3-4A82-94DE-380B0A22F044}'
- <SYSTEM32>\svchost.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\tasksz[1].php
- <SYSTEM32>\lmsxsltsso.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\tasksz[1].php
- 'mc###alds.com':80
- mc###alds.com/cp/tasksz.php?dc
- DNS ASK mc###alds.com
- '10.#.1.1':1034