Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'system' = '"%APPDATA%\test\test\1.0.0.0\svchost.exe" -start'
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\csc.exe'
- '%APPDATA%\test\test\1.0.0.0\svchost.exe'
- '%APPDATA%\test\test\1.0.0.0\Interface(2).exe'
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\csc.exe
- %TEMP%\D9BFAC3-37653A0B-43A63438-E232AA9AC_8920349460382611\Process.txt
- %TEMP%\D9BFAC3-37653A0B-43A63438-E232AA9AC_8920349460382611\Info.txt
- %TEMP%\D9BFAC3-37653A0B-43A63438-E232AA9AC8920349460382611210282840796701.zip
- %APPDATA%\test\test\1.0.0.0\Interface(2).exe
- %APPDATA%\test\test\1.0.0.0\svchost.exe
- %TEMP%\D9BFAC3-37653A0B-43A63438-E232AA9AC_8920349460382611\Programms.txt
- %APPDATA%\test\test\1.0.0.0\svchost.exe
- '1x##xit.ru':80
- DNS ASK 1x##xit.ru
- ClassName: 'Shell_TrayWnd' WindowName: ''