Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'First Windows Start' = '<SYSTEM32>\framework4.exe'
- Диспетчера задач (Taskmgr)
- Редактора реестра (RegEdit)
- '%TEMP%\ir_ext_temp_0\autorun.exe' "SFXSOURCE:<SYSTEM32>swishmaxcrack.exe"
- '<SYSTEM32>swishmaxcrack.exe'
- %TEMP%\ir_ext_temp_0\AutoPlay\Docs\swishMax4.sfx.exe
- %TEMP%\ir_ext_temp_0\AutoPlay\Buttons\Orange.btn
- %TEMP%\ir_ext_temp_0\AutoPlay\Icons\1123.ico
- %TEMP%\ir_ext_temp_0\autorun.exe
- %TEMP%\ir_ext_temp_0\AutoPlay\Images\4444.gif
- %TEMP%\ir_ext_temp_0\AutoPlay\autorun.cdd
- <SYSTEM32>swishmaxcrack.exe
- <SYSTEM32>\framework4.exe
- %TEMP%\ir_ext_temp_0\1123.ico
- %TEMP%\ir_ext_temp_0\AutoPlay\Audio\High1.ogg
- %TEMP%\ir_ext_temp_0\AutoPlay\Audio\Click1.ogg
- 'localhost':1036
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'