Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '<SYSTEM32>\Common.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Audio Control] 'Start' = '00000001'
- <SYSTEM32>\cmd.exe /c <SYSTEM32>\del09.bat
- <SYSTEM32>\ipconfig.exe
- <SYSTEM32>\Audio.sys
- <SYSTEM32>\del09.bat
- %TEMP%\cac1.tmp.exe
- DNS ASK m.###ianren.com
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''