Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Sound Blaster' = '%WINDIR%\soundblaster.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Video Effects' = '%APPDATA%\iexplore\soundblaster.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'Video Effects' = '%WINDIR%\iexplore.exe'
- %WINDIR%\soundblaster.exe
- %HOMEPATH%\time.dat
- %APPDATA%\iexplore\soundblaster.exe
- %APPDATA%\iexplore\iexplore.exe
- %WINDIR%\iexplore.exe
- 'localhost':22250
- 'te##.#ermenia.pl':22250
- '18#.#5.148.85':22250
- DNS ASK te####f.permenia.pl
- DNS ASK te##.#ermenia.pl
- ClassName: 'Indicator' WindowName: ''