Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\1397hub] 'Start' = '00000002'
- '<SYSTEM32>\rundll32.exe'
- <SYSTEM32>\rundll32.exe
- <DRIVERS>\1397hub.sys
- %WINDIR%\leg.ini
- %TEMP%\1e24e.tmp
- %TEMP%\1d81b.tmp
- %TEMP%\1dd9a.tmp
- %TEMP%\1e24e.tmp
- %TEMP%\1dd9a.tmp
- %TEMP%\1d81b.tmp
- '12#.#37.78.178':8877
- '12#.#37.78.178':7788
- DNS ASK nt#.##dan.edu.cn
- 'localhost':2848
- 'nt#.##dan.edu.cn':123
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'