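Техническая информация

Примечание: подзаголовки разделов в этом фрагменте не сохранились. Ниже по порядку идут: записи реестра (ключи автозапуска Run и Active Setup), пути к файлам, сетевые адреса с портами и DNS-запросы, классы окон. Символы # в именах узлов — по-видимому, маскировка, сделанная в источнике. Какое действие (создание, запуск, удаление и т. п.) относится к каждому пути, по этому фрагменту установить нельзя; повторы путей, вероятно, относятся к разным утраченным разделам. Файлы explorer.exe и LSASS.EXE указаны в %TEMP%: для файлов с именами системных процессов Windows такое расположение нетипично.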
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'StartKey' = '<SYSTEM32>\setpaths.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'StartKey' = '<SYSTEM32>\setpaths.exe'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{15CDF7EC-751B-46aa-AD69-4005FE080DE8}] 'stubpath' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Hkcmds' = '<SYSTEM32>\hkcmds.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Hkcmds' = '<SYSTEM32>\hkcmds.exe'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{15CDF7EC-751B-46aa-AD69-4005FE080DE9}] 'stubpath' = ''
- %TEMP%\explorer.exe
- %TEMP%\LSASS.EXE
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\hkcmds.exe
- <SYSTEM32>\setpaths.exe
- %TEMP%\LSASS.EXE
- %TEMP%\explorer.exe
- %TEMP%\explorer.exe
- %TEMP%\LSASS.EXE
- 'ch#####l.chatnook.com':8080
- 'ch####ail.toh.info':8080
- 'ch#####l.chatnook.com':443
- 'ch####ail.toh.info':443
- DNS ASK ch####ail.toh.info
- DNS ASK ch#####l.chatnook.com
- '<IP-адрес в локальной сети>':1036
- '<IP-адрес в локальной сети>':1037
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''