Техническая информация
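Ключи автозапуска в реестре (значение 'svchost' запускает %APPDATA%\svchost.exe при входе пользователя в систему; штатный svchost.exe находится в %SystemRoot%\System32, поэтому одноимённый файл в %APPDATA% — признак маскировки под системный процесс):
- [<HKCU>\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN] 'svchost' = '%APPDATA%\svchost.exe'
- [<HKLM>\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\RUN] 'svchost' = '%APPDATA%\svchost.exe'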
- ikzs9.exe
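- <LS_APPDATA>\google\chrome\user data\default\web data (файл профиля Chrome «Web Data», в котором браузер хранит данные автозаполнения; что именно образец делает с этим файлом, в данном фрагменте не указано)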
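Имена классов окон (PROCMON_WINDOW_CLASS — класс окна Sysinternals Process Monitor; gdkWindowToplevel — класс окон верхнего уровня GTK-приложений; предположительно образец ищет такие окна, чтобы обнаружить средства анализа):
- ClassName: 'PROCMON_WINDOW_CLASS', WindowName: ''
- ClassName: 'gdkWindowToplevel', WindowName: ''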
- %TEMP%\mw2 keygen1.exe
- %TEMP%\ikzs9.exe
- %TEMP%\1.exe
- %TEMP%\2.exe
- %APPDATA%\svchost.exe
- %APPDATA%\chrtmp
- <LS_APPDATA>\microsoft\windows\explorer\svchost.exe
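- DNS ASK ze####s.gotdns.com (DNS-запрос; часть имени узла скрыта в источнике символами ####; gotdns.com, по-видимому, относится к доменам службы динамического DNS, поэтому IP-адрес узла может меняться, и для обнаружения надёжнее опираться на имя, а не на адрес)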
- '%TEMP%\mw2 keygen1.exe'
- '%TEMP%\ikzs9.exe'
- '%TEMP%\1.exe'
- '%APPDATA%\svchost.exe'