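Техническая информация

Ниже перечислены артефакты: ключи реестра, пути к файлам, сетевые адреса с портами, DNS-запросы и классы окон. Подзаголовки разделов в этой копии отсутствуют, поэтому по самому списку нельзя определить, что именно происходило с каждым объектом (создание, изменение, удаление); повторяющиеся записи, вероятно, относились к разным разделам. Символы «#» в адресах и именах узлов, по-видимому, являются маской, а не частью значения. Записи вроде %WINDIR%\Explorer.EXE, 'localhost', www.google.com и класса окна 'Shell_TrayWnd' относятся к штатным компонентам системы или общеизвестным ресурсам и сами по себе индикаторами компрометации не служат.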
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{38L76SNL-D67N-1R6A-GJDU-B5R7Q3P6215N}] 'StubPath' = '<SYSTEM32>\com\Xw66Lgg21A.exe Restart'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{38L76SNL-D67N-1R6A-GJDU-B5R7Q3P6215N}] 'StubPath' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] '4Gb88Vqp53' = ''
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] '4Gb88Vqp53' = ''
- <SYSTEM32>\Com\Xw66Lgg21A.exe
- C:\server.exe
- C:\Blog Posting.exe
- %WINDIR%\Explorer.EXE
- %TEMP%\%USERNAME%7
- %APPDATA%\%USERNAME%v1.18.0 - Trial versionlog.dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\CA5W0ZHT
- %TEMP%\%USERNAME%8
- %TEMP%\%USERNAME%2.txt
- C:\server.exe
- C:\Blog Posting.exe
- <SYSTEM32>\Com\Xw66Lgg21A.exe
- %APPDATA%\%USERNAME%v1.18.0 - Trial versionlog.dat
- <SYSTEM32>\Com\Xw66Lgg21A.exe
- %TEMP%\%USERNAME%8
- %TEMP%\%USERNAME%7
- %TEMP%\%USERNAME%2.txt
- C:\server.exe
- '74.##5.232.51':80
- 'av###.no-ip.org':5005
- 'localhost':1035
- 'ni#.#aver.com':443
- DNS ASK av###.no-ip.org
- DNS ASK www.google.com
- DNS ASK ni#.#aver.com
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''