Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'HKCU' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'HKLM' = ''
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'vMi29Tk' = '%HOMEPATH%\jLs84Dm\vbc.exe'
- '%APPDATA%\Realtek\AudioC0dec.exe'
- %APPDATA%\Microsoft\Windows\jckptVXlgk\jckptVXlgk.dat
- %APPDATA%\Microsoft\Windows\jckptVXlgk\jckptVXlgk.svr
- %TEMP%\aut2.tmp
- %APPDATA%\Realtek\AudioC0dec.exe
- %TEMP%\aut1.tmp
- %HOMEPATH%\jKl12Nx.UH4
- %APPDATA%\Microsoft\Windows\jckptVXlgk\jckptVXlgk.nfo
- %APPDATA%\Microsoft\Windows\jckptVXlgk\jckptVXlgk.dat
- %APPDATA%\Microsoft\Windows\jckptVXlgk\jckptVXlgk.svr
- %HOMEPATH%\jKl12Nx.UH4
- %APPDATA%\Microsoft\Windows\jckptVXlgk\jckptVXlgk.nfo
- %TEMP%\aut2.tmp
- %APPDATA%\Microsoft\Windows\jckptVXlgk\jckptVXlgk.nfo
- %TEMP%\aut1.tmp
- %APPDATA%\Microsoft\Windows\jckptVXlgk\jckptVXlgk.svr
- 'ja#######ngsetts.ignorelist.com':999
- 'pl#####.serveexchange.com':999
- 'ja#########irectupdate.servehttp.com':999
- 'localhost':1038
- 'up######.serveexchange.com':999
- 'se#######conecction.loginto.me':999
- DNS ASK pl#####.serveexchange.com
- DNS ASK ja#########irectupdate.servehttp.com
- DNS ASK ja#######ngsetts.ignorelist.com
- DNS ASK up######.serveexchange.com
- DNS ASK se#######conecction.loginto.me
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''