Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Crome Update' = '<SYSTEM32>\lsaas.exe'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{762306B6-4BDD-3CB3-27F8-4653081DC831}] 'StubPath' = '<SYSTEM32>\lsaas.exe'
- %TEMP%\_MEI27882\msvcm90.dll
- %TEMP%\_MEI27882\msvcp90.dll
- %TEMP%\_MEI27882\msvcr90.dll
- %TEMP%\_MEI27882\python27.dll
- <SYSTEM32>\lsaas.exe
- %TEMP%\_MEI27882\gcc-exe.exe.manifest
- %TEMP%\_MEI27882\pywintypes27.dll
- %TEMP%\_MEI27882\Microsoft.VC90.CRT.manifest
- %TEMP%\_MEI27882\win32api.pyd
- %TEMP%\_MEI27882\kernel32.dll
- %TEMP%\_MEI27882\_hashlib.pyd
- %TEMP%\_MEI27882\_ctypes.pyd
- %TEMP%\_MEI27882\bz2.pyd
- %TEMP%\_MEI27882\unicodedata.pyd
- %TEMP%\_MEI27882\select.pyd
- 'em####.no-ip.biz':1985
- 'em####.no-ip.info':11522
- 'em####.no-ip.info':443
- DNS ASK em####.no-ip.biz
- DNS ASK em####.no-ip.info