Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Win_Updater] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '<SYSTEM32>\system\svchost.exe' = '<SYSTEM32>\system\svchost.exe:*:Enabled:Updater Service'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '<DRIVERS>\safesurf.exe' = '<DRIVERS>\safesurf.exe:*:Enabled:Updater Service Tools'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '' = 'C:\\windows\\system32\\drivers\\safesurf.exe:*:Enabled:Updater Service'
- <SYSTEM32>\system\svchost.exe
- <DRIVERS>\safesurf.exe
- <SYSTEM32>\ICH.exe
- <SYSTEM32>\system\svchost.exe /install /silent
- <SYSTEM32>\net1.exe start Win_Updater
- <SYSTEM32>\system\svchost.exe
- <DRIVERS>\safesurf.exe
- <SYSTEM32>\ICH.exe
- <SYSTEM32>\ico.ico
- %TEMP%\$inst\4.tmp
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\5.tmp
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\7.tmp
- %TEMP%\$inst\5.tmp
- %TEMP%\$inst\7.tmp
- %TEMP%\$inst\4.tmp
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- ClassName: '' WindowName: 'JetSwap SafeSurf'
- ClassName: 'Shell_TrayWnd' WindowName: ''