Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{G2P604P2-7424-BL32-TIQ7-6Q2USXBU203Q}] 'StubPath' = ''
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'HKCU' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'HKLM' = ''
- '<SYSTEM32>\svchost.exe'
- <SYSTEM32>\svchost.exe
- %APPDATA%\Roaming\Microsoft\Windows\CbRMh.dat
- %WINDIR%\InstallDir\system.exe
- %APPDATA%\Roaming\Microsoft\Windows\CbRMh.cfg
- %APPDATA%\Roaming\Microsoft\Windows\CbRMh.dat
- %WINDIR%\InstallDir\system.exe
- %APPDATA%\Roaming\Microsoft\Windows\CbRMh.cfg
- 'fr####ag.zapto.org':81
- 'localhost':51627
- DNS ASK dn#.##ftncsi.com
- DNS ASK fr####ag.zapto.org
- ClassName: 'Indicator' WindowName: '(null)'