Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Ias] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\6to4] 'Start' = '00000002'
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\pic.dll,Install
- '<SYSTEM32>\wscript.exe' "%WINDIR%\install.vbs"
- %WINDIR%\Temp\~tmp2b1f3a0e.old
- %WINDIR%\Temp\~tmp0aa85e1b.old
- <SYSTEM32>\pic.dll
- %WINDIR%\install.vbs
- %WINDIR%\pic.dll
- %WINDIR%\install.vbs
- 'sh#####iren.3322.org':4567
- DNS ASK ns#.#322.net
- DNS ASK ns#.#ray.net
- DNS ASK ns#.#hina.com
- DNS ASK sh#####iren.3322.org
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''