Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%TEMP%\RarSFX0\flashget_2605_1.exe' = '%TEMP%\RarSFX0\flashget_2605_1.exe:*:Enabled:fg_ol_setup'
- %TEMP%\RarSFX0\flashget_2605_1.exe
- <SYSTEM32>\wscript.exe "%TEMP%\RarSFX0\2222.vbs"
- %HOMEPATH%\Favorites\8263ЙПНшЦчТі.url
- %HOMEPATH%\Favorites\МФ±¦Е®Ч°.url
- %HOMEPATH%\Favorites\МФ±¦Нш - МФЈЎОТПІ»¶.url
- %TEMP%\RarSFX0\flashget_2605_1.exe
- %TEMP%\RarSFX0\2222.vbs
- 'ol####.flashget.com':80
- 's4.##ashget.com':80
- ol####.flashget.com/ver7/6E4B673EC8926C19D3EBBF43DD1D6576/7AA1740D47C2E43E5AF511214697E94B/clickrun/2605/PST|flashget_2605_1.exe|<Служебное имя>.exe|<Служебное имя>.exe|
- s4.##ashget.comhttp://s4.flashget.com/fg4/sul
- DNS ASK ol####.flashget.com
- DNS ASK s4.##ashget.com
- DNS ASK p2#####gji.flashget.com
- 'p2#####gji.flashget.com':5555
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''