Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'winlogons' = '%HOMEPATH%\Start Menu\Programs\Startup\winlogon.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\taskung.exe
- %HOMEPATH%\Start Menu\Programs\Startup\winlogon.exe
- скрытых файлов
- %TEMP%\Bot_Builder_-_cracked.exe
- %HOMEPATH%\Start Menu\Programs\Startup\taskung.exe
- %TEMP%\Steam-Login.exe
- %HOMEPATH%\Start Menu\Programs\Startup\winlogon.exe
- [<HKCU>\Software\Microsoft\MSNMessenger]
- [<HKCU>\Software\Microsoft\MessengerService]
- %TEMP%\Bot_Builder_-_cracked.exe
- %TEMP%\Steam-Login.exe
- %APPDATA%\winrecord.dat
- %HOMEPATH%\Start Menu\Programs\Startup\taskung.exe
- %HOMEPATH%\Start Menu\Programs\Startup\winlogon.exe
- %APPDATA%\winrecord.dat
- %TEMP%\Steam-Login.exe
- '93.##4.43.50':80
- 'wp#d':80
- wp#d/wpad.dat
- 93.##4.43.50/fuck/_1_/connect.php
- DNS ASK wp#d
- ClassName: 'Shell_TrayWnd' WindowName: ''