Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{NSMB7Y42-2Q8B-D12F-CJ68-L6E8P2C58V7Q}] 'StubPath' = 'C:\Java\svhost.exe Restart'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Java' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Java' = ''
- C:\Java\svhost.exe
- %TEMP%\XxX.xXx
- %TEMP%\UuU.uUu
- %APPDATA%\cglogs.dat
- C:\Java\svhost.exe
- %TEMP%\XX--XX--XX.txt
- %APPDATA%\cglogs.dat
- C:\Java\svhost.exe
- %TEMP%\XxX.xXx
- %TEMP%\UuU.uUu
- %TEMP%\XX--XX--XX.txt
- 'lo#######ngu.doesntexist.com':82
- 'lo#######ngu.doesntexist.com':666
- DNS ASK lo#######ngu.doesntexist.com
- ClassName: 'Indicator' WindowName: ''