Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mdhcp32] 'Startup' = 'WinStart2EX'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mdhcp32] 'DllName' = 'mdhcp32.dll'
- <SYSTEM32>\dll.dll
- <SYSTEM32>\crt.dat
- <SYSTEM32>\shimg.dll
- <Текущая директория>\xn1m2
- <SYSTEM32>\dll.dll
- 'te###ly5k.com':80
- '89.##4.61.135':443
- '74.##5.232.51':80
- te###ly5k.com/gwc/skulls.php?ne####################################
- DNS ASK te###ly5k.com
- DNS ASK www.google.com