Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Ias] 'Start' = '00000002'
- <SYSTEM32>\svchost.exe -k neTsvcs
- <SYSTEM32>\cmd.exe /c """%TEMP%\1.bat"" "
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\vpnlist[1].txt
- %TEMP%\saphardana.ini
- <Текущая директория>\jtiplist.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\gonggao[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\top[1].htm
- <SYSTEM32>\wvkzwr
- %TEMP%\jtvpn.exe
- %TEMP%\1.bat
- %TEMP%\Server.exe
- <Текущая директория>\Ias
- %TEMP%\zakctugt.tmp
- <Текущая директория>\jtiplist.ini
- %TEMP%\saphardana.ini
- %TEMP%\Server.exe
- <Текущая директория>\Ias
- 'li##.pptpvpn.cn':80
- 'localhost':1036
- 'wy####aji.3322.org':1997
- li##.pptpvpn.cn/vpnelink/gonggao.htm
- li##.pptpvpn.cn/vpnelink/top.htm
- li##.pptpvpn.cn/vpnelink/vpnlist.txt
- DNS ASK li##.pptpvpn.cn
- DNS ASK wy####aji.3322.org
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'TFrmMain' WindowName: '????VPN????'
- ClassName: 'Shell_TrayWnd' WindowName: ''