Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{}] 'StubPath' = ''
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'winupdate' = '%TEMP%\svchost.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Runservices] '' = ''
- <LS_APPDATA>\Xenocode\Sandbox\1.0.0.0\2010.05.04T12.40\Native\STUBEXE\@PROFILE@\Local Settings\Temp\svchost.exe
- <LS_APPDATA>\Xenocode\Sandbox\1.0.0.0\2010.05.04T12.40\Native\STUBEXE\@PROFILE@\Local Settings\Temp\Setup.exe
- <LS_APPDATA>\Xenocode\Sandbox\1.0.0.0\2010.05.04T12.40\Virtual\STUBEXE\@SYSTEM@\Setup.exe
- <LS_APPDATA>\Xenocode\Sandbox\1.0.0.0\2010.05.04T12.40\Virtual\STUBEXE\@SYSTEM@\Hackhoundserver.exe
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Trillian]
- [<HKCU>\Software\Paltalk]
- ClassName: '' WindowName: 'Yahoo! Messenger'
- %TEMP%\nst2.tmp\modern-wizard.bmp
- %TEMP%\nst2.tmp\ioSpecial.ini
- %TEMP%\nst2.tmp\InstallOptions.dll
- %TEMP%\nst2.tmp\modern-header.bmp
- %HOMEPATH%\hackhound.txt
- <LS_APPDATA>\Xenocode\Sandbox\1.0.0.0\2010.05.04T12.40\Virtual\XRegistry.tmp
- %TEMP%\Setup.exe
- %TEMP%\svchost.exe
- %HOMEPATH%\hackhound.txt
- ClassName: '#32770' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''