Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{83DA13C4-E00A-4CF1-0851-7220C3A3E8C8}] 'stubpath' = ''
- '%TEMP%\HCKKQX_server.exe'
- '%TEMP%\HKPFKO_Launcher.exe'
- '%WINDIR%\explorer.exe'
- %WINDIR%\explorer.exe
- %TEMP%\HCKKQX_server.exe
- %TEMP%\HKPFKO_Launcher.exe
- %WINDIR%\Wins\mstwains.exe
- %APPDATA%\addon.dat
- %APPDATA%\Microsoft\Protect\S-1-5-21-2052111302-484763869-725345543-1003\a2661bb1-3444-403b-9e54-ca41efa2d91b
- %APPDATA%\Microsoft\Crypto\RSA\S-1-5-21-2052111302-484763869-725345543-1003\699c4b9cdebca7aaea5193cae8a50098_23ef5514-3059-436f-a4a7-4cefaab20eb1
- %APPDATA%\Microsoft\Protect\S-1-5-21-2052111302-484763869-725345543-1003\Preferred
- 'de####n.sytes.net':81
- DNS ASK de####n.sytes.net
- ClassName: 'Shell_TrayWnd' WindowName: ''