Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\6to4] 'Start' = '00000002'
- %WINDIR%\1.exe
- %TEMP%\107515.gho
- %WINDIR%\1.exe
- %TEMP%\E_N4\krnln.fnr
- <SYSTEM32>\config\SysEvent.Evt
- %WINDIR%\1.exe
- <SYSTEM32>\config\AppEvent.Evt
- <SYSTEM32>\config\SecEvent.Evt
- 'li####79.3322.org':8081
- DNS ASK li####79.3322.org
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''