Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'System Server Cache' = '<SYSTEM32>\srvhost64.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Server Cache' = '<SYSTEM32>\srvhost64.exe'
- '<SYSTEM32>\srvhost64.exe' rem "<SYSTEM32>\~TEMP.exe"
- '<SYSTEM32>\srvhost64.exe'
- '<SYSTEM32>\~TEMP.exe'
- <SYSTEM32>\winlogon.exe
- outpost.exe
- AVP.EXE
- bdagent.exe
- <SYSTEM32>\installer.exe
- <SYSTEM32>\srvhost64.exe
- <SYSTEM32>\~TEMP.exe
- <SYSTEM32>\installer.exe
- '21#.#3.252.194':6667
- '2.#####tetorrent.org':1337
- DNS ASK 2.#####tetorrent.org
- ClassName: 'Shell_TrayWnd' WindowName: ''