Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{6CFD5296-5576-4237-B046-7D9DD1E39D59}] 'StubPath' = '<LS_APPDATA>\Windows Service.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Bypass UAC' = '<LS_APPDATA>\Windows Service.exe'
- %WINDIR%\Explorer.EXE
- <LS_APPDATA>\Windows Service.exe
- %WINDIR%\beeb.cndy
- %TEMP%\aut1.tmp
- %TEMP%\aut1.tmp
- 'ru####ape.hopto.org':81
- DNS ASK ru####ape.hopto.org
- ClassName: 'Shell_TrayWnd' WindowName: ''