Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{NETAFB54-328K-8Q6H-H1LN-7BB70W0D7A38}] 'StubPath' = '<SYSTEM32>\system23 Restart'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'Policies' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'Policies' = ''
- Средство контроля пользовательских учетных записей (UAC)
- '<SYSTEM32>\taskhost.exe'
- '%WINDIR%\explorer.exe'
- %WINDIR%\Explorer.EXE
- %APPDATA%\Roaming\FFPXOMEV-wchelper.dll
- %TEMP%\FFPXOMEV7
- %TEMP%\FFPXOMEV8
- <SYSTEM32>\system23
- %TEMP%\FFPXOMEV2.txt
- %APPDATA%\Roaming\3ACF1CC3\ak.tmp
- %APPDATA%\Roaming\FFPXOMEV-wchelper.dll
- <SYSTEM32>\system23
- %TEMP%\FFPXOMEV8
- %TEMP%\FFPXOMEV7
- %TEMP%\FFPXOMEV2.txt
- 've####avs.no-ip.biz':23
- DNS ASK dn#.##ftncsi.com
- DNS ASK ve####avs.no-ip.biz
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'