Техническая информация
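Параметры служб в реестре (значение 'Start': 2 — автоматический запуск, 1 — запуск на этапе инициализации системы):
- [<HKLM>\SYSTEM\ControlSet001\Services\SupraSavingsService] 'Start' = '00000002'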
- [<HKLM>\SYSTEM\ControlSet001\Services\netfilter] 'Start' = '00000001'
Командные строки процессов (исполняемый файл и аргументы):
- '%PROGRAM_FILES%\CB7F8E3E-62F8-4E72-BE96-1520352D6391\znjxnhqeua.exe'
- '%PROGRAM_FILES%\CB7F8E3E-62F8-4E72-BE96-1520352D6391\znjxnhqeua.exe' install
- '%PROGRAM_FILES%\CB7F8E3E-62F8-4E72-BE96-1520352D6391\nfregdrv.exe' netfilter
- '<SYSTEM32>\sc.exe' start SupraSavingsService
- '<SYSTEM32>\cmd.exe' /c "%PROGRAM_FILES%\CB7F8E3E-62F8-4E72-BE96-1520352D6391\sd32.bat"
Пути к файлам:
- %PROGRAM_FILES%\CB7F8E3E-62F8-4E72-BE96-1520352D6391\libeay32.dll
- %PROGRAM_FILES%\CB7F8E3E-62F8-4E72-BE96-1520352D6391\ssleay32.dll
- %PROGRAM_FILES%\CB7F8E3E-62F8-4E72-BE96-1520352D6391\sd32.bat
- %PROGRAM_FILES%\CB7F8E3E-62F8-4E72-BE96-1520352D6391\uninstall_a.exe
- <DRIVERS>\netfilter.sys
- %PROGRAM_FILES%\CB7F8E3E-62F8-4E72-BE96-1520352D6391\ProtocolFilters.dll
- %TEMP%\nse2.tmp\System.dll
- %TEMP%\nse2.tmp\UserInfo.dll
- %PROGRAM_FILES%\CB7F8E3E-62F8-4E72-BE96-1520352D6391\znjxnhqeua.exe
- %PROGRAM_FILES%\CB7F8E3E-62F8-4E72-BE96-1520352D6391\nfapi.dll
- %PROGRAM_FILES%\CB7F8E3E-62F8-4E72-BE96-1520352D6391\nfregdrv.exe
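Пути к файлам, перечисленные повторно (подзаголовок этого раздела в тексте не сохранился; какая операция с файлами здесь описана, нужно уточнять по первоисточнику):
- %TEMP%\nse2.tmp\UserInfo.dll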
- %TEMP%\nse2.tmp\System.dll
- %PROGRAM_FILES%\CB7F8E3E-62F8-4E72-BE96-1520352D6391\sd32.bat