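Техническая информация
Заголовки разделов в этой копии утрачены. Ниже по порядку идут: записи реестра в ключах автозапуска (Run, Policies\Explorer\Run, Active Setup\Installed Components), пути к файлам, сетевые обращения и параметры окон (ClassName/WindowName).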
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'KNWE' = ''
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{C310W741-5611-0EU3-BB0U-NCP5338043B1}] 'StubPath' = '<SYSTEM32>\microsoft\svchost.exe Restart'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{C310W741-5611-0EU3-BB0U-NCP5338043B1}] 'StubPath' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'JENR' = ''
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ATI Display Driver' = '%TEMP%\u9lXX6pzcDA.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] 'Policies' = ''
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'Policies' = ''
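- скрытых файлов (обрывок фразы: начало пункта в этой копии утрачено; судя по форме, речь, по-видимому, о блокировке отображения скрытых файлов)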
- <SYSTEM32>\Microsoft\svchost.exe
- %WINDIR%\explorer.exe
- %WINDIR%\explorer.exe
- %APPDATA%\logs.dat
- %TEMP%\XxX.xXx
- %TEMP%\UuU.uUu
- %TEMP%\u9lXX6pzcDA.exe
- <SYSTEM32>\Microsoft\svchost.exe
- %TEMP%\XX--XX--XX.txt
- %APPDATA%\logs.dat
- %TEMP%\u9lXX6pzcDA.exe
- %TEMP%\XxX.xXx
- %TEMP%\UuU.uUu
- %TEMP%\XX--XX--XX.txt
- 'ma####mc.no-ip.org':556
- DNS ASK ma####mc.no-ip.org
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''