Техническая информация
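Записи в ключе автозапуска реестра (Run, ветка текущего пользователя; программы из этого ключа запускаются при входе пользователя в систему):
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Hardware.exe' = '%ALLUSERSPROFILE%\Application Data\Interrupts\Hardware.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '' = '%ALLUSERSPROFILE%\Application Data\Interrupts\'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'DesignerLG.exe' = ''
(Пустое имя параметра во второй записи и пустое значение в третьей приведены так, как они даны в отчёте.)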
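Файлы, упомянутые в отчёте (какое действие выполняется с каждым из них, в этом фрагменте не указано; путь к Hardware.exe совпадает со значением записи автозапуска 'Hardware.exe'):
- <Текущая директория>\RCX2.tmp
- %ALLUSERSPROFILE%\Application Data\Interrupts\Hardware.exe
- <Текущая директория>\hookdll.dll
- <Текущая директория>\RCX1.tmp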
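Сетевые узлы и порты (символы «#» в именах, по-видимому, маскируют часть домена в отчёте, поэтому эти строки не годятся для точного сопоставления индикаторов):
- 'de##.#kentgroup.com':80
- 'www.ag##.com.br':80
- 'www.ag######smoraggiodisole.com':80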
Адреса ресурсов на этих узлах (метод запроса в этом фрагменте не указан):
- de##.#kentgroup.com/kenchan/international/adonet.php
- www.ag##.com.br/apuracao/filtect.php
- www.ag######smoraggiodisole.com/files/filtect.php
DNS-запросы:
- DNS ASK de##.#kentgroup.com
- DNS ASK www.ag##.com.br
- DNS ASK www.ag######smoraggiodisole.com
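Окна, указанные в отчёте по имени класса (заголовок пуст; какое действие выполняется с окнами, в этом фрагменте не указано; 'Shell_TrayWnd' — класс окна панели задач Windows):
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''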