Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wmiusb] 'Startup' = 'StartupNotify'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wmiusb] 'DllName' = ''
- [<HKLM>\SYSTEM\ControlSet001\Services\NVSvc] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\usbstub] 'Start' = '00000001'
- <SYSTEM32>\svchost.exe -k "NVSvc"
- <DRIVERS>\usbstub.sys
- <SYSTEM32>\183a2.dll
- 'lo###h.3322.org':80
- DNS ASK lo###h.3322.org
- '<IP-адрес в локальной сети>':1037