Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Intel(R) Common Networking System' = '%APPDATA%\Intel Corporation\Intel(R) Common User Interface\8.1.1.7900\svchost.exe'
- %HOMEPATH%\local settings\tempsetup.exe
- %TEMP%\$inst\2.tmp
- <Текущая директория>\~maillaccess_checker.exe
- %TEMP%\$inst\temp_0.tmp
- %APPDATA%\microsoft\windows\8.1.7601.17587\setup.exe
- %APPDATA%\intel corporation\intel(r) common user interface\8.1.1.7900\server.zip
- %APPDATA%\intel corporation\intel(r) common user interface\8.1.1.7900\svchost.exe
- %APPDATA%\microsoft\windows\8.1.7601.17587\svchost.exe
- %TEMP%\dw.log
- %TEMP%\14d0e9.dmp
- <Текущая директория>\~maillaccess_checker.exe
- %APPDATA%\intel corporation\intel(r) common user interface\8.1.1.7900\svchost.exe
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- %APPDATA%\intel corporation\intel(r) common user interface\8.1.1.7900\server.zip
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- DNS ASK ca###urk.com
- '%HOMEPATH%\Local Settings\tempsetup.exe'
- '<Текущая директория>\~maillaccess_checker.exe'
- '%APPDATA%\microsoft\windows\8.1.7601.17587\setup.exe'
- '%APPDATA%\intel corporation\intel(r) common user interface\8.1.1.7900\svchost.exe'
- '%APPDATA%\microsoft\windows\8.1.7601.17587\svchost.exe'
- '%APPDATA%\microsoft\windows\8.1.7601.17587\setup.exe' ' (со скрытым окном)
- '%APPDATA%\microsoft\windows\8.1.7601.17587\svchost.exe' ' (со скрытым окном)
- '%CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE' -x -s 440