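Техническая информация
Примечание: подзаголовки разделов в этом фрагменте отсутствуют, поэтому роль каждой записи (изменение реестра, создание или запуск файла, поиск окна) из списка не видна. В перечне есть и штатные объекты Windows (%WINDIR%\Explorer.EXE, класс окна Shell_TrayWnd), которые сами по себе индикаторами не являются.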
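- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{6W6CM0UR-5051-3GL3-WA6V-TG8W8HE268F8}] 'StubPath' = '<SYSTEM32>\System32\svchost.exe Restart'
  (Если <SYSTEM32> обозначает системный каталог Windows, то путь ведёт во вложенный каталог System32 внутри него; штатный svchost.exe расположен в <SYSTEM32>\svchost.exe, так что запись Active Setup указывает на другой файл с тем же именем.)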
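- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'HKCU' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'HKLM' = ''
  (Данные параметров 'HKCU' и 'HKLM' на странице пустые; по этим двум записям можно сверять только имя параметра в ключе Run.)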
- <LS_APPDATA>\Xenocode\Sandbox\0.0.0.0\2011.05.26T19.25\Virtual\STUBEXE\8.0.1112\@PROFILE@\Local Settings\Temp\Double2.exe
- <LS_APPDATA>\Xenocode\Sandbox\0.0.0.0\2011.05.26T19.25\Native\STUBEXE\8.0.1112\@PROFILE@\Local Settings\Temp\iTV2HwOA\18818.exe
- <LS_APPDATA>\Xenocode\Sandbox\0.0.0.0\2011.05.26T19.25\Native\STUBEXE\8.0.1112\@APPDATA@\server.exe
- <LS_APPDATA>\Xenocode\Sandbox\1.0.0.0\2011.05.27T10.02\Virtual\STUBEXE\8.0.1112\@APPDIR@\Sharecashdownloader Double.exe
- %TEMP%\Double3.exe
- <LS_APPDATA>\Xenocode\Sandbox\1.0.0.0\2011.05.27T10.02\Native\STUBEXE\8.0.1112\@PROFILE@\Local Settings\Temp\Sharecashdownloader v17.exe
- %WINDIR%\Explorer.EXE
- [<HKCU>\Software\Paltalk]
- [<HKCU>\Software\Google\Google Talk\Accounts]
- %APPDATA%\server.exe
- <SYSTEM32>\System32\svchost.exe
- %TEMP%\%USERNAME%2.txt
- %TEMP%\iTV2HwOA\18818.exe
- %TEMP%\Double3.exe
- %TEMP%\Sharecashdownloader v17.exe
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''