Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows Firewall' = ''
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{5CR17FDK-588I-1I6J-05R0-5BOG6B10O048}] 'StubPath' = '%WINDIR%\Firewall\Firewall.exe Restart'
- %WINDIR%\Firewall\Firewall.exe persist
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\winlogon.exe
- %WINDIR%\explorer.exe
- %WINDIR%\Explorer.EXE
- %WINDIR%\Firewall\keylog.dat
- %WINDIR%\Firewall\Firewall.exe
- %WINDIR%\Firewall\keylog.dat
- %WINDIR%\Firewall\Firewall.exe
- 'pe#####cker1.no-ip.info':81
- 'pe#####cker.no-ip.info':81
- DNS ASK pe#####cker1.no-ip.info
- DNS ASK pe#####cker.no-ip.info
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''