Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\360svc\Parameters] 'ServiceDll' = 'C:\Documents and Settings\Local User\windmad32.dll'
- [<HKLM>\SYSTEM\ControlSet001\Services\360svc] 'ImagePath' = '<SYSTEM32>\svchost.exe -k netsvcs'
- [<HKLM>\SYSTEM\ControlSet001\Services\360svc] 'Start' = '00000002'
- '<SYSTEM32>\svchost.exe' -k netsvcs
- C:\Documents and Settings\Local User\windmad32.dll
- 'dj##.3322.org':8800
- DNS ASK dj##.3322.org