Technical Information
- [<HKLM>\System\CurrentControlSet\Services\clr_optimization_4.5_X32] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\clr_optimization_4.5_X32] 'ImagePath' = '<SYSTEM32>\svchost.exe -k netsvcs'
- [<HKLM>\SYSTEM\CurrentControlSet\Services\clr_optimization_4.5_X32\Parameters] 'ServiceDll' = '%WINDIR%\netframe45x32.dll'
- 'clr_optimization_4.5_X32' <SYSTEM32>\svchost.exe -k netsvcs
- %WINDIR%\netframe45x32.dll
- 'ne####s.gicp.net':8001
- DNS ASK ne####s.gicp.net
- '%WINDIR%\syswow64\svchost.exe' -k netsvcs