Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\ccproxy1] 'Start' = '00000002' (значение 2 — SERVICE_AUTO_START: служба запускается автоматически при загрузке системы)
- <SYSTEM32>\export\catroot1\svchosts.exe -service
- <SYSTEM32>\export\catroot1\sc.exe create ccproxy1 binpath= <SYSTEM32>\export\catroot1\svchosts.exe type= own
- <SYSTEM32>\net1.exe start ccproxy1
- %WINDIR%\regedit.exe /s ct1.reg
- <SYSTEM32>\cmd.exe /c ""<SYSTEM32>\export\catroot1\12.bat" "
- <SYSTEM32>\export\catroot1\web\account.htm
- <SYSTEM32>\export\catroot1\web\index.html
- <SYSTEM32>\export\catroot1\web\accheader.htm
- <SYSTEM32>\export\catroot1\web\acclist.htm
- <SYSTEM32>\export\catroot1\web\settings.htm
- <SYSTEM32>\export\catroot1\ct1.reg
- <SYSTEM32>\export\catroot1\web\list.htm
- <SYSTEM32>\export\catroot1\web\log.htm
- <SYSTEM32>\export\catroot1\CCProxy.ini
- <SYSTEM32>\export\catroot1\CDial.dll
- <SYSTEM32>\export\catroot1\12.bat
- <SYSTEM32>\export\catroot1\AccInfo.ini
- <SYSTEM32>\export\catroot1\uuid.dll
- <SYSTEM32>\export\catroot1\web\accadd.htm
- <SYSTEM32>\export\catroot1\sc.exe
- <SYSTEM32>\export\catroot1\svchosts.exe
- <SYSTEM32>\export\catroot1\ct1.reg
- <SYSTEM32>\export\catroot1\sc.exe
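- '67.##5.160.76':80 (символы ## здесь и в доменном имени ниже скрывают часть значения; в таком виде оно не годится как точный индикатор)
- DNS ASK www.ya##o.com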
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'C--WINDOWS-system32-export-catroot1-svchosts.HLP' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''