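Техническая информация
Примечание: символ «#» в сетевых адресах и URL ниже, по-видимому, заменяет символы, скрытые при публикации, поэтому эти значения неполны и не годятся для точного сопоставления. Запись автозапуска в реестре и пути к файлам приведены без маскировки, с переменной %USERNAME% вместо имени пользователя.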
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows Boot' = 'C:\Users\%USERNAME%\AppData\slocal\Windows Boot.exe'
- 'C:\Users\%USERNAME%\AppData\wi_log\wi_log.exe'
- 'C:\Users\%USERNAME%\AppData\wi_log\wi_log.exe' (загружен из сети Интернет)
- C:\Users\%USERNAME%\AppData\wi_log\wi_log.exe
- 'wp#d':80
- '13#.#55.216.167':80
- 'localhost':1039
- 13#.#55.216.167/listener.exe
- 13#.#55.216.167/connect.txt
- 13#.#55.216.167/registe.php?na########################################################################################################################################
- wp#d/wpad.dat
- DNS ASK wp#d
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_traywnd' WindowName: ''