Техническая информация
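Ключи реестра, через которые обеспечивается автозапуск:
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{I0ISNJGI-4574-250E-51B5-D3Y57OA8W4IT}] 'StubPath' = '"%APPDATA%\Install\chrome.exe"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ADOBE' = '%APPDATA%\Install\chrome.exe'
Примечание: оба значения указывают на файл chrome.exe в каталоге %APPDATA%\Install, который не относится к стандартным путям установки Google Chrome, а имя параметра 'ADOBE' в ключе Run не соответствует имени файла. Такое расхождение между именем параметра и путем удобно использовать как признак при проверке записей автозапуска.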
- %APPDATA%\Install\chrome.exe
- %APPDATA%\Install\Settings.ini
- %TEMP%\RarSFX1\stufile.exe
- %TEMP%\RarSFX0\fdd.bat
- %TEMP%\RarSFX0\stufile.sfx.exe
- %APPDATA%\Install\Settings.ini
- %TEMP%\RarSFX1\stufile.exe
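Сетевая активность:
- 'sa####low.hopto.org':5129
- 'wp#d':80
- http://11#.#11.111.1/wpad.dat via wp#d
- DNS ASK sa####low.hopto.org
- DNS ASK wp#d
Примечание: hopto.org — домен службы динамического DNS, поэтому IP-адрес за этим именем может меняться; при обнаружении надежнее опираться на DNS-запросы к этому имени и исходящие соединения на порт 5129, чем на конкретный адрес. Запросы к wp#d и wpad.dat похожи на автоматическое обнаружение прокси (WPAD) самой системой и, вероятно, не являются индикатором именно этого образца.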
- ClassName: 'EDIT' WindowName: ''
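Запускаемые процессы:
- '%APPDATA%\Install\chrome.exe'
- '%TEMP%\RarSFX1\stufile.exe'
- '%TEMP%\RarSFX0\stufile.sfx.exe' -p123 -d%HOMEPATH%\Local Settings\Temp
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\RarSFX0\fdd.bat" "
Примечание: судя по каталогам RarSFX0/RarSFX1 и ключам запуска, stufile.sfx.exe — самораспаковывающийся RAR-архив: ключ -p передает пароль архива, -d — каталог распаковки. Защита паролем скрывает содержимое архива от статической проверки до момента распаковки, поэтому запуск SFX-файла из %TEMP% с ключом -p стоит учитывать в правилах обнаружения по командной строке.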