Technical Information
- [HKLM\System\CurrentControlSet\Services\VeryTired] 'ImagePath' = '%WINDIR%\SysWOW64\Proxy64.sys'
- 'VeryTired' %WINDIR%\SysWOW64\Proxy64.sys
- %WINDIR%\wmipsvers.exe
- <Current directory>\hookproxy.dll
- C:\documents and settings\all users\start menu\programs\startup\conime.exe
- %WINDIR%\syswow64\proxy64.sys
- %WINDIR%\temp\udd954c.tmp
- ctrlsmverytired
- <Current directory>\hookproxy.dll
- %WINDIR%\temp\udd954c.tmp
- 'fe####122.oicp.net':8023
- DNS ASK fe####122.oicp.net
- '%WINDIR%\wmipsvers.exe'
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\FirewallControlPanel.dll,ShowNotificationDialog /configure /ETOnly 0 /OnProfiles 6 /OtherAllowed 0 /OtherBlocked 0 /OtherEdgeAllowed 0 /NewBlocked 4 "<Full path to file>"