Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'playnowradio' = '%APPDATA%\playnowradio\playnowradio\1.3.4.8\playnowradio.exe'
- '%APPDATA%\playnowradio\playnowradio\1.3.4.8\playnowradio.exe'
- '<SYSTEM32>\schtasks.exe' /create /tn "$dMM6KqyKu+JyN+{$" /tr "%APPDATA%\playnowradio\playnowradio\1.3.4.8\playnowradio.exe MyCmd" /sc minute /mo 10
- %APPDATA%\playnowradio\playnowradio\1.3.4.8\ffxtn.dll
- %TEMP%\Temporary Directory 1 for mainpkg.zip\ffxtn.dll
- %APPDATA%\playnowradio\playnowradio\1.3.4.8\app.ini
- %TEMP%\Temporary Directory 1 for mainpkg.zip\app.ini
- %APPDATA%\playnowradio\playnowradio\1.3.4.8\chrmXtn.dll
- %TEMP%\Temporary Directory 1 for mainpkg.zip\playnowradio.exe
- %APPDATA%\playnowradio\playnowradio\1.3.4.8\mainpkg.zip
- %TEMP%\Temporary Directory 1 for mainpkg.zip\chrmXtn.dll
- %APPDATA%\playnowradio\playnowradio\1.3.4.8\playnowradio.exe
- %APPDATA%\playnowradio\playnowradio\1.3.4.8\mainpkg.zip
- 'localhost':1042
- 'localhost':1043
- 'localhost':1041
- 'localhost':1038
- 're#####.montiera.com':80
- re#####.montiera.com/reports/jsCnt.srf?ri##########################################################################
- DNS ASK cn##.###lbarservices.com
- DNS ASK re#####.montiera.com
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'Indicator' WindowName: '(null)'