Техническая информация
- '%ALLUSERSPROFILE%\Application Data\QuickTuneUp\jrt.exe'
- '%ALLUSERSPROFILE%\Application Data\QuickTuneUp\hitman.exe' /scan /noinstall
- '%ALLUSERSPROFILE%\Application Data\QuickTuneUp\jrt.exe' (загружен из сети Интернет)
- '%ALLUSERSPROFILE%\Application Data\QuickTuneUp\hitman.exe' (загружен из сети Интернет)
- '<SYSTEM32>\rundll32.exe' inetcpl.cpl ResetIEtoDefaults (сброс настроек Internet Explorer к значениям по умолчанию)
- '<SYSTEM32>\reg.exe' ADD HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer /VE /T REG_SZ /F /D Service (разрешает запуск службы MSIServer (Windows Installer) в безопасном режиме с поддержкой сети)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\JRT[1].exe
- %ALLUSERSPROFILE%\Application Data\QuickTuneUp\jrt.exe
- %ALLUSERSPROFILE%\Application Data\QuickTuneUp\hitman.exe
- %ALLUSERSPROFILE%\Application Data\QuickTuneUp\QuickTuneUp.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\HitmanPro[1].exe
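- 'th###sudax.org':80 (символы '#' в именах доменов здесь и ниже, по-видимому, заменяют скрытые символы; для сопоставления с журналами DNS и прокси нужно полное имя домена)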
- 'dl.##rfright.nl':80
- th###sudax.org/downloads/JRT.exe
- dl.##rfright.nl/HitmanPro.exe
- DNS ASK th###sudax.org
- DNS ASK dl.##rfright.nl
- ClassName: 'BUTTON' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'