Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{3Q6F8X2N-1I22-CG1E-557K-5Y72C30E5HQU}] 'StubPath' = ''
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'HKCU' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'HKLM' = ''
- C:\server.exe 0
- %WINDIR%\explorer.exe
- <SYSTEM32>\svchost.exe
- %APPDATA%\Microsoft\Crypto\RSA\S-1-5-21-1275210071-117609710-1801674531-500\88603cb2913a7df3fbd16b5f958e6447_ffcb838e-6d3b-4e44-a259-8ac8f5c94c4f
- C:\server.exe
- <SYSTEM32>\InstallDir\svchost.exe
- %APPDATA%\Microsoft\Protect\S-1-5-21-1275210071-117609710-1801674531-500\b4288835-2031-4458-872f-aba98927ea17
- %APPDATA%\Microsoft\Crypto\RSA\S-1-5-21-1275210071-117609710-1801674531-500\549b9b645cadfe6bb4bc69cf363c354c_ffcb838e-6d3b-4e44-a259-8ac8f5c94c4f
- %APPDATA%\Microsoft\Crypto\RSA\S-1-5-21-1275210071-117609710-1801674531-500\c0528c2346cb928a9052304ef3ab8fd4_ffcb838e-6d3b-4e44-a259-8ac8f5c94c4f
- %APPDATA%\Microsoft\Crypto\RSA\S-1-5-21-1275210071-117609710-1801674531-500\549b9b645cadfe6bb4bc69cf363c354c_ffcb838e-6d3b-4e44-a259-8ac8f5c94c4f
- 'em####15.zapto.org':81
- 'localhost':1035
- DNS ASK em####15.zapto.org
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''