Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\WUDhost.exe.lnk
- '<SYSTEM32>\cmd.exe' /c C:\ProgramData\WindowsTask\fafa.exe -o stratum+tcp://xmr.pool.minergate.com:45560 -u engel.l@inbox.ru -p x -t 2
- 'C:\ProgramData\System32\Logs\WUDhost.exe'
- C:\ProgramData\System32\Logs\WUDhost.exe
- C:\ProgramData\WindowsTask\fafa.exe
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
- C:\ProgramData\System32\Logs\fafa.exe
- C:\ProgramData\System32\Logs\WUDhost.exe
- C:\ProgramData\System32\Logs\fafa.exe
- C:\ProgramData\WindowsTask\fafa.exe
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
- ClassName: 'Shell_TrayWnd' WindowName: ''