Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Iprip] 'Start' = '00000002'
- <SYSTEM32>\sc.exe start Iprip
- <SYSTEM32>\rundll32.exe iprip32.dll,RunInstallA
- <SYSTEM32>\iprip32.dll
- <SYSTEM32>\biosbin32.dat
- 'sh.###ivirusbar.org':443
- DNS ASK sh.###ivirusbar.org