Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'svchost' = '%HOMEPATH%\WINDOWS\SYSTEM\Luncher.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'EnableFirewall' = '00000000'
- %HOMEPATH%\WINDOWS\SYSTEM\twin_32_local.exe (загружен из сети Интернет)
- <SYSTEM32>\taskkill.exe /F /IM alyac.aye /IM ayservicent.aye /IM ayagent.aye /IM V3Ltray.exe /IM V3LSvc.exe /IM V3Ltray.exe /IM V3Light.exe /IM V3LRun.exe /IM ccSvcHst.exe /IM nsavsvc.npc /IM nsvmon.npc /IM ScanningProcess.exe /IM NPCGreenAgent.npc
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\174AFF184ABD746E347407[1]
- %HOMEPATH%\WINDOWS\SYSTEM\twin_32_local.exe
- %HOMEPATH%\WINDOWS\SYSTEM\PID.txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\1931281A4AF1825739C94F[1]
- %HOMEPATH%\WINDOWS\SYSTEM\Windows_32.exe
- %HOMEPATH%\WINDOWS\SYSTEM\PID.txt
- 'cf#####4.uf.daum.net':80
- 'cf#####9.uf.daum.net':80
- 'localhost':1033
- cf#####4.uf.daum.net/attach/174AFF184ABD746E347407
- cf#####9.uf.daum.net/attach/1931281A4AF1825739C94F
- DNS ASK cf#####4.uf.daum.net
- DNS ASK cf#####9.uf.daum.net
- '<IP-адрес в локальной сети>':1034
- ClassName: '' WindowName: ''