Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'JavaUpdate70' = 'C:\systeam\winthlxp70byte.cpl'
- '<SYSTEM32>\reg.exe' add "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v JavaUpdate70 /d "C:\systeam\winthlxp70byte.cpl" /f
- '<SYSTEM32>\rundll32.exe' Shell32.DLL, Control_RunDLL C:\systeam\winthlxp70byte.cpl
- C:\systeam\roninnn.cmd
- C:\systeam\processxit2.cpl
- C:\systeam\winthlxp70byte.cpl
- 'ki####1.hpg.com.br':80
- ki####1.hpg.com.br/sysgf.html
- DNS ASK ki#####13.hpg.com.br
- DNS ASK ki#####12.hpg.com.br
- DNS ASK ki####1.hpg.com.br
- ClassName: '(null)' WindowName: 'syscodexx'
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'