Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'kbdrv86' = '%WINDIR%\Debug\cmdpromt.exe \log'
- [<HKLM>\SYSTEM\ControlSet001\Services\drk] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%WINDIR%\Debug\cmdpromt.exe' = '%WINDIR%\Debug\cmdpromt.exe:*:Enabled:KL'
- %WINDIR%\Debug\cmdpromt.exe /log /start
- [<HKCU>\SOFTWARE\FlashFXP\3]
- [<HKLM>\SOFTWARE\FlashFXP\3]
- %WINDIR%\Debug\ddid
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\0J2LM5OP\_uid=841020&ver=9cxpa[1]
- %WINDIR%\Debug\result.dark
- %WINDIR%\Debug\bc
- %WINDIR%\Debug\cmdpromt.exe
- %WINDIR%\Debug\ddid
- %WINDIR%\Debug\cmdpromt.exe
- %WINDIR%\Debug\result.dark
- %WINDIR%\Debug\bc
- '?u########0&ver=9cxpa.localdomain':80
- ?u########0&ver=9cxpa.localdomain/
- DNS ASK ?u########0&ver=9cxpa.localdomain
- ClassName: 'Indicator' WindowName: ''