Техническая информация
Записи реестра (параметр ImagePath служб):
- [<HKLM>\System\CurrentControlSet\Services\0011b125] 'ImagePath' = '<DRIVERS>\0011b125.sys'
- [<HKLM>\System\CurrentControlSet\Services\0011b154] 'ImagePath' = '<DRIVERS>\0011b154.sys'
- [<HKLM>\System\CurrentControlSet\Services\0011b173] 'ImagePath' = '<DRIVERS>\0011b173.sys'
Службы (имя службы и путь к файлу драйвера):
- '0011b125' <DRIVERS>\0011b125.sys
- '0011b154' <DRIVERS>\0011b154.sys
- '0011b173' <DRIVERS>\0011b173.sys
Файлы (пути заданы через переменные окружения %TEMP% и %WINDIR%):
- %TEMP%\nsha728.tmp
- %TEMP%\nsxa739.tmp\system.dll
- %TEMP%\759a75.dll
- %TEMP%\newadvapi32.dll
- %TEMP%\fixfinal2.dll
- %TEMP%\antirk.dll
- %WINDIR%\syswow64\drivers\0011b125.sys
- %WINDIR%\syswow64\drivers\0011b154.sys
- %WINDIR%\syswow64\drivers\0011b173.sys
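Файлы, перечисленные повторно (заголовок этого списка в тексте отсутствует, поэтому действие над ними здесь не указано):
- %TEMP%\newadvapi32.dll
- %WINDIR%\syswow64\drivers\0011b125.sys
- %WINDIR%\syswow64\drivers\0011b154.sys
- %WINDIR%\syswow64\drivers\0011b173.sys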
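Сетевая активность (в имени домена часть символов заменена на «###», поэтому как готовый индикатор для блокировки или поиска в журналах оно неполное):
- 'd.###safe.com':80
- DNS ASK d.###safe.com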