Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\RpcRemote] 'Start' = '00000002'
- <SYSTEM32>\remote.exe
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\kernel32.ime
- %WINDIR%\Temp\ime.tmp
- <SYSTEM32>\remote.exe
- %WINDIR%\Temp\ime.tmp
- 'su####oll.3322.org':5262
- DNS ASK Su####oll.3322.org
- ClassName: 'mIRC' WindowName: ''