Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\ptwtnv] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\lrroof] 'Start' = '00000002'
- <SYSTEM32>\sc.exe create ptwtnv type= kernel start= auto binpath= "%PROGRAM_FILES%\Uninstall Information\{ccb839c2-ac2d-4045-009b-3e2d42ae6cc7}\ptwtnv.bin"
- <SYSTEM32>\sc.exe create lrroof type= kernel binpath= "%PROGRAM_FILES%\Uninstall Information\{ccb839c2-ac2d-4045-009b-3e2d42ae6cc7}\lrroof.bin" start= auto
- %WINDIR%\msagent\om8058.tlb
- %WINDIR%\inf\wer3095
- %PROGRAM_FILES%\Uninstall Information\{ccb839c2-ac2d-4045-009b-3e2d42ae6cc7}\ptwtnv.bin
- %WINDIR%\system\zi1689.drv
- %WINDIR%\srchasst\na6399.lex
- %TEMP%\1.tmp
- %WINDIR%\msagent\dlz8266.tlb
- %WINDIR%\Temp\{bf4338e6-8af7-4f9c-0080-263dc09775a9}
- %PROGRAM_FILES%\Uninstall Information\{ccb839c2-ac2d-4045-009b-3e2d42ae6cc7}\lrroof.bin
- %WINDIR%\Temp\{bf4338e6-8af7-4f9c-0080-263dc09775a9}
- %WINDIR%\srchasst\na6399.lex
- %PROGRAM_FILES%\Uninstall Information\{ccb839c2-ac2d-4045-009b-3e2d42ae6cc7}\ptwtnv.bin
- %PROGRAM_FILES%\Uninstall Information\{ccb839c2-ac2d-4045-009b-3e2d42ae6cc7}\lrroof.bin
- %TEMP%\1.tmp
- DNS ASK www.ba##u.com