Техническая информация
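Записи реестра, добавляющие программы в список разрешённых приложений брандмауэра Windows (значения в отчёте обрезаны):
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%TEMP%\Esupport\ESupport.exe' = '%TEMP%\Esupport\ESupport.exe:*:Enable...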
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%TEMP%\Esupport\ezwinvnc64.exe' = '%TEMP%\Esupport\ezwinvnc64.exe:*:En...
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%TEMP%\Esupport\ezwinvnc.exe' = '%TEMP%\Esupport\ezwinvnc.exe:*:Enable...
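Связанные файлы (судя по именам ultravnc.ini, vnchooks.dll и SecureVNCPlugin.dsm, набор построен на компонентах UltraVNC):
- '%TEMP%\Esupport\ESupport.exe'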
- %TEMP%\Esupport\onlinelogo.jpg
- %TEMP%\Esupport\psapi.dll
- %TEMP%\Esupport\ezwinvnc64.exe
- %TEMP%\Esupport\icon1.ico
- %TEMP%\Esupport\ultravnc.ini
- %TEMP%\nsd2.tmp\SimpleFC.dll
- %TEMP%\~DFE63D.tmp
- %TEMP%\Esupport\vnchooks.dll
- %HOMEPATH%\Desktop\EsupportX.exe
- %TEMP%\Esupport\ezwinvnc.exe
- %TEMP%\Esupport\SCHook.dll
- %TEMP%\Esupport\SCHook64.dll
- %TEMP%\Esupport\ESupport.exe
- %TEMP%\Esupport\ESupport.exe.manifest
- %TEMP%\Esupport\SecureVNCPlugin.dsm
- %TEMP%\Esupport\ac.key
- %TEMP%\Esupport\black.bmp
- %TEMP%\Esupport\SecureVNCPlugin64.dsm
- %TEMP%\Esupport\WhatsNew.txt
- %TEMP%\nsd2.tmp\SimpleFC.dll
Сетевая активность (имя домена и параметр запроса в отчёте замаскированы символами #):
- 'im#####ionsystems.com':80
- 'localhost':1039
- http://im#####ionsystems.com/Esupport2.php?p=######################
- DNS ASK im#####ionsystems.com
Окно (Shell_TrayWnd — класс окна панели задач Windows):
- ClassName: 'Shell_TrayWnd' WindowName: ''