Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Easy' = '%APPDATA%\Founder Systems\easy.exe'
- '%APPDATA%\Founder Systems\easy.exe'
- '%WINDIR%\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe' /silent /codebase "%APPDATA%\Founder Systems\ie2.dll"
- %APPDATA%\Founder Systems\page.html
- %APPDATA%\Founder Systems\manifest.json
- %APPDATA%\Founder Systems\jquery.js
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\activekontentall[1]
- %APPDATA%\Founder Systems\easy.exe
- %APPDATA%\Founder Systems\ie2.dll
- %APPDATA%\Founder Systems\home.js
- %TEMP%\tmp1.tmp
- <Текущая директория>\SQLite.Interop.dll
- %APPDATA%\Founder Systems\icon_32.png
- %APPDATA%\Founder Systems\icon_16.png
- %APPDATA%\Founder Systems\icon_128.png
- %TEMP%\tmp1.tmp
- 'ac#####ontentall.com':80
- 'localhost':1036
- ac#####ontentall.com/?r=#####
- DNS ASK ac#####ontentall.com
- ClassName: 'IEFrame' WindowName: '(null)'
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'