Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\srvReWinUpProtect] 'Start' = '00000002'
- '%APPDATA%\ReWinUp\protect\ReWinUpProtect.exe'
- %APPDATA%\ReWinUp\protect\utilsDll.dll
- %APPDATA%\ReWinUp\protect\Interop.Shell32.dll
- %APPDATA%\ReWinUp\uninstallkit.exe
- %APPDATA%\ReWinUp\protect\config.xml
- %TEMP%\nsa2.tmp\utils.dll
- %TEMP%\nsa2.tmp\registry.dll
- %APPDATA%\ReWinUp\protect\ReWinUpProtect.exe
- %TEMP%\nsa2.tmp\SimpleSC.dll
- %TEMP%\nsa2.tmp\utils.dll
- %TEMP%\nsa2.tmp\SimpleSC.dll
- %TEMP%\nsa2.tmp\registry.dll
- 'st.##winup.com':443
- DNS ASK st.##winup.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'