Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'SysLog' = 'C:\Users\%USERNAME%\AppData\Roaming\SysLog\Updater.exe'
- C:\Users\%USERNAME%\AppData\Roaming\SysLog\SysLog.exe
- C:\Users\%USERNAME%\AppData\Roaming\SysLog\Updater.exe
- C:\Users\%USERNAME%\AppData\Roaming\SysLog\log.txt
- 'mr####h.mr.ohost.de':80
- 'wp#d':80
- mr####h.mr.ohost.de/niach/Updater.exe
- wp#d/wpad.dat
- DNS ASK mr####h.mr.ohost.de
- DNS ASK wp#d
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''