Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'system control' = 'C:\analyzer\systemcontrol.exe'
- 'C:\analyzer\systemcontrol.exe'
- '%TEMP%\JustinBieber.exe'
- '%TEMP%\install.exe'
- '<SYSTEM32>\wscript.exe' "%TEMP%\RarSFX0\update.vbs"
- %TEMP%\GLW5.tmp
- %TEMP%\GLM4.tmp
- C:\analyzer\systemcontrol.exe
- %TEMP%\~GLH0001.TMP
- %TEMP%\~GLH0000.TMP
- %TEMP%\RarSFX0\systemcontrol.exe
- %TEMP%\JustinBieber.exe
- %TEMP%\install.exe
- %TEMP%\GLC2.tmp
- %TEMP%\RarSFX0\update.vbs
- %TEMP%\GLK3.tmp
- %TEMP%\RarSFX0\update.vbs
- %TEMP%\RarSFX0\systemcontrol.exe
- %TEMP%\GLW5.tmp
- %TEMP%\~GLH0001.TMP в %TEMP%\dns.txt
- %TEMP%\~GLH0000.TMP в %TEMP%\GLF7.tmp
- 'yo#####screensaver.com':80
- yo#####screensaver.com/utilities/getDNS.php
- DNS ASK yo#####screensaver.com
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'