Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ZS' = '%APPDATA%\svchost.exe'
- '%APPDATA%\svchost.exe'
- '<SYSTEM32>\netsh.exe' advfirewall firewall add rule name="ZS" program="%APPDATA%\svchost.exe" dir=Out action=allow
- %APPDATA%\sqlite3.dll
- %APPDATA%\bs.dll
- %APPDATA%\zs.dll
- %APPDATA%\svchost.exe
- %APPDATA%\svchost.exe:Zone.Identifier
- 'up#####27123.myjino.ru':80
- http://up#####27123.myjino.ru/z/lib/bs.dll
- http://up#####27123.myjino.ru/z/lib/sql.dll
- http://up#####27123.myjino.ru/z/lib/zs.dll
- DNS ASK up#####27123.myjino.ru
- ClassName: ' !"#$%&()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`A...
- ClassName: 'SysTreeView32' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: ' !"#$%&' WindowName: ''