Техническая информация
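Автозапуск — значение в ключе реестра Policies\Explorer\Run, указывающее на исполняемый файл в <SYSTEM32>:
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'dpkS_uppkrBUa_JGnwzvayGcjU' = '<SYSTEM32>\MifofomlJLohdj.exe'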
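Брандмауэр Windows — explorer.exe внесён в список разрешённых приложений (AuthorizedApplications) стандартного профиля:
- [<HKLM>\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%WINDIR%\explorer.exe' = '%WINDIR%\explorer.exe:*:Enabled:dpkS_uppkrBUa_JGnwzvayGcjU'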
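Процессы (записи в кавычках — запускаемые команды; роль повторной записи explorer.exe без кавычек в этом фрагменте не подписана — предположительно, это процесс, в который внедряется код):
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\FirewallControlPanel.dll,ShowNotificationDialog /configure /ETOnly 0 /OnProfiles 6 /OtherAllowed 0 /OtherBlocked 0 /OtherEdgeAllowed 0 /NewBlocked 4 "%WINDIR%\explorer.exe"
- '%WINDIR%\explorer.exe'
- %WINDIR%\explorer.exe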
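Файлы (ярлык в папке автозагрузки и исполняемый файл, на который ссылается значение автозапуска в реестре):
- %APPDATA%\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\System Check.lnk
- <SYSTEM32>\MifofomlJLohdj.exe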
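Сетевая активность — соединение на порт 80, HTTP-запрос и DNS-запрос (символ «#» в имени домена, по-видимому, является маскировкой; для сопоставления с журналами нужен исходный, незамаскированный индикатор):
- 'fa#l.pw':80
- fa#l.pw/gtrx/
- DNS ASK fa#l.pw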
Окна (вероятно, параметры поиска окна: имя класса и заголовок):
- ClassName: '(null)' WindowName: '?'