Техническая информация
- Записи автозапуска в реестре (параметр 'Load' и ключи Run):
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'Load' = '%APPDATA%\Java\JavaUpdtr.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Update' = '%HOMEPATH%\Desktop\filename.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Update' = '%HOMEPATH%\Desktop\filename.exe'
- Средство контроля пользовательских учетных записей (UAC)
- '%HOMEPATH%\Desktop\filename.exe'
- '%HOMEPATH%\Desktop\filename.exe'
- <SYSTEM32>\ctfmon.exe
- translink.exe
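- Ключи реестра, связанные с приложениями FTP Commander, Paltalk и с хранилищем автозаполнения Internet Explorer (IntelliForms\Storage2):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FTP Commander]
- [<HKCU>\Software\Paltalk]
- [<HKCU>\Software\Microsoft\Internet Explorer\IntelliForms\Storage2]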
- %TEMP%\tmpD.tmp
- %TEMP%\tmpE.tmp
- %TEMP%\tmpC.tmp
- %TEMP%\tmpA.tmp
- %TEMP%\tmpB.tmp
- %TEMP%\tmp12.tmp
- %TEMP%\tmp13.tmp
- %TEMP%\tmp11.tmp
- %TEMP%\tmpF.tmp
- %TEMP%\tmp10.tmp
- %TEMP%\tmp9.tmp
- %TEMP%\tmp2.tmp
- %TEMP%\tmp3.tmp
- %TEMP%\tmp1.tmp
- %HOMEPATH%\Desktop\filename.exe
- %APPDATA%\data.bin
- %TEMP%\tmp7.tmp
- %TEMP%\tmp8.tmp
- %TEMP%\tmp6.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %APPDATA%\data.bin
- %APPDATA%\data.bin
- DNS-запросы (по-видимому, часть символов в именах узлов заменена на '#'):
- DNS ASK ch####p.dyndns.org
- DNS ASK wp#d
- ClassName: 'Shell_TrayWnd' WindowName: ''