Technical information
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] 'C:\Updater_original.exe' = 'C:\Updater_original.exe:*:Enabled:Updater_original.exe'
- 'C:\Updater_original.exe'
- 'C:\speedyfox.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "C:\Updater_original.exe" "Updater_original.exe" ENABLE
- C:\Updater_original.exe
- C:\speedyfox.exe
- C:\HVMRuntm.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\speedyfox[1].txt
- 'ro####oss.no-ip.biz':5552
- 'www.cr###alidea.com':80
- www.cr###alidea.com/update/speedyfox.txt
- DNS ASK ro####oss.no-ip.biz
- DNS ASK www.cr###alidea.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''