Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] 'Mozilla Firefox' = '"%APPDATA%\firefox.exe"'
- %WINDIR%\Tasks\BackUp Wizard.job
- '<SYSTEM32>\regsvr32.exe' /s %WINDIR%\UScreenCapture.ax
- '<SYSTEM32>\schtasks.exe' /Create /SC ONSTART /TN "BackUp Wizard" /TR """"%APPDATA%\Microsoft_backup.exe"""" /RU "NT AUTHORITY\SYSTEM"
- %APPDATA%\firefox.exe
- %APPDATA%\Microsoft_backup.exe
- %WINDIR%\UScreenCapture.ax
- 'localhost':1036
- DNS ASK www.sp###mber.com
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''