Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'HTTPServer' = '"%PROGRAM_FILES%\SNECON~1\sneconfig.exe"'
- %PROGRAM_FILES%\sneconfig\NoServer.exe
- <SYSTEM32>\sinvfct.dll
- %WINDIR%\SNMPAPI.DLL
- %ALLUSERSPROFILE%\Application Data\sneopts.dat
- %PROGRAM_FILES%\sneconfig\rds.exe
- %ALLUSERSPROFILE%\Application Data\events.log
- <SYSTEM32>\msvcr70.dll
- %WINDIR%\symdt32.dll
- %WINDIR%\imglib.dll
- %TEMP%\~vis0000\miscdata.xyz
- %TEMP%\~vis0000\rebootnt.exe
- %TEMP%\~vis0000\vise32ex.dll
- %TEMP%\~vis0000\English.vlg
- %TEMP%\~vis0000\rollback.log
- %PROGRAM_FILES%\sneconfig\sneconfig.exe
- %TEMP%\~vis0000\default.bmp
- %TEMP%\~vis0000\splash2.bmp
- %WINDIR%\symdt32.dll
- %PROGRAM_FILES%\sneconfig\rds.exe
- <SYSTEM32>\sinvfct.dll
- %PROGRAM_FILES%\sneconfig\sneconfig.exe
- %ALLUSERSPROFILE%\Application Data\sneopts.dat
- %TEMP%\~vis0000\rollback.log
- %TEMP%\~vis0000\splash2.bmp
- %TEMP%\~vis0000\vise32ex.dll
- %TEMP%\~vis0000\rebootnt.exe
- %TEMP%\~vis0000\miscdata.xyz
- %TEMP%\~vis0000\default.bmp
- %TEMP%\~vis0000\English.vlg
- ClassName: 'SpyAnywhere_HWND32' WindowName: ''
- ClassName: 'SpyAgent_HWND32' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''