Техническая информация
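Закрепление в системе (автозапуск через ключи реестра Run и папку автозагрузки; имена записей, по-видимому, подобраны так, чтобы походить на легитимное ПО):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Intel GPU' = '%ProgramFiles%\Intel GPU\GfxUI.exe'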
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Search Helper' = '%APPDATA%\Microsoft\Search\SearchHelper.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\ShareIt Service.exe
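Запускаемые процессы (судя по формату записи; reg.exe здесь записывает в ключ Run значение "Intel GPU"):
- '<SYSTEM32>\reg.exe' ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /f /t REG_SZ /v "Intel GPU" /d "%ProgramFiles%\Intel GPU\GfxUI.exe"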
- '%TEMP%\WER9mso.dir00\com3.exe'
- '%APPDATA%\Microsoft\Search\SearchHelper.exe'
Файлы на диске, связанные с образцом:
- %TEMP%\WER9mso.dir00\com3.exe
- %ProgramFiles%\Intel GPU\GfxUI.exe
- %APPDATA%\Microsoft\persist.dat
- %APPDATA%\Microsoft\Search\SearchHelper.exe
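Сетевая активность (символы # в именах узлов и в параметре запроса — по-видимому, маскировка, сделанная в исходном описании; для точного сопоставления по журналам прокси и DNS нужны полные индикаторы):
- 'su######ervice.netai.net':80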
- 'su#####backup.esy.es':80
- http://su######ervice.netai.net/c/c13.php?m=############
- http://su#####backup.esy.es/c/c13.php?m=############
DNS-запросы (имена замаскированы так же):
- DNS ASK ba#####upport.comxa.com
- DNS ASK qu###s.hol.es
- DNS ASK qu###.comuf.com
- DNS ASK su#####backup.esy.es
- DNS ASK su######ervice.netai.net
- DNS ASK ba#####upport.esy.es
Прочее (по-видимому, поиск окна по имени класса; Shell_TrayWnd — класс окна панели задач Windows):
- ClassName: 'Shell_TrayWnd' WindowName: ''