Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'support' = '%WINDIR%\twain.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '' = '%WINDIR%\system\svchost.exe'
- '%WINDIR%\twain.exe'
- '%WINDIR%\system\svchost.exe'
- '%WINDIR%\system\svchost.exe' /install /port:4888 /pass:s2m420 /silence /save
- %WINDIR%\twain.exe
- %WINDIR%\system\svchost.exe
- %WINDIR%\system\AdmDll.dll
- %WINDIR%\system\raddrv.dll
- 'im###.hut2.ru':80
- im###.hut2.ru/image/ip.php
- DNS ASK im###.hut2.ru