Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '6185edbe0505bb185afe2c72153874c1' = '"%WINDIR%\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe" ..'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '6185edbe0505bb185afe2c72153874c1' = '"%WINDIR%\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe" ..'
- %HOMEPATH%\Start Menu\Programs\Startup\SJXVs.com.url
- %HOMEPATH%\Start Menu\Programs\Startup\6185edbe0505bb185afe2c72153874c1.exe
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe' = '%WINDI...
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%WINDIR%\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe" "InstallUtil.exe" ENABLE
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- %APPDATA%\reach\future.exe
- %TEMP%\aut1.tmp
- %HOMEPATH%\Local Settings\TempGXezN.bmp
- %TEMP%\aut1.tmp
- 'ad####2.duckdns.org':2083
- DNS ASK ad####2.duckdns.org
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe'