Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'SoundMax Audio Drivers' = 'soundmax.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunServices] 'SoundMax Audio Drivers' = 'soundmax.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'SoundMax Audio Drivers' = 'soundmax.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] 'SoundMax Audio Drivers' = 'soundmax.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '<SYSTEM32>\soundmax.exe' = '<SYSTEM32>\soundmax.exe:*:Enabled:SoundMax Audio Drivers'
- 'C:\lsass.exe'
- '<SYSTEM32>\soundmax.exe' 784 "<Полный путь к вирусу>"
- NAVAPW32.EXE
- nod32.exe
- GUARD.EXE
- mpftray.exe
- ZONEALARM.EXE
- ntvdm.exe
- outpost.exe
- zapro.exe
- AVP.EXE
- AVP32.EXE
- AVGCC32.EXE
- AVGCTRL.EXE
- AVSYNMGR.EXE
- fsav32.exe
- AVPCC.EXE
- AVPM.EXE
- C:\lsass.exe
- <SYSTEM32>\soundmax.exe
- C:\lsass.exe
- <SYSTEM32>\soundmax.exe
- 'wi##ipz.com':3921
- DNS ASK wi##ipz.com
- ClassName: 'Indicator' WindowName: '(null)'