Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Extension' = '%ALLUSERSPROFILE%\Application Data\SExtension\FLV_Plugin.exe'
- '%ALLUSERSPROFILE%\Application Data\SExtension\FLV_Plugin.exe'
- %ALLUSERSPROFILE%\Application Data\SExtension\FLV_Plugin.exe
- %ALLUSERSPROFILE%\Application Data\SExtension\Updater.exe
- %TEMP%\32FAC.dmp
- %TEMP%\dw.log
- %ALLUSERSPROFILE%\Application Data\SExtension\Ionic.Zip.dll
- %ALLUSERSPROFILE%\Application Data\SExtension\log_635405447496093750.txt
- %ALLUSERSPROFILE%\Application Data\SExtension\Newtonsoft.Json.dll
- %ALLUSERSPROFILE%\Application Data\SExtension\System.Data.SQLite.dll
- 'se####fromparis.com':80
- 'wp#d':80
- se####fromparis.com/extFiles/start.txt
- wp#d/wpad.dat
- DNS ASK www.se####fromparis.com
- DNS ASK wp#d
- DNS ASK se####fromparis.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'Indicator' WindowName: '(null)'