Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'CtQsGeKv' = '%TEMP%\CtQsGeKv\ehxJ.exe'
- '%TEMP%\CtQsGeKv\ehxJ.exe'
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe'
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- %APPDATA%\Imminent\Logs\13-09-2014
- %HOMEPATH%\olShTQ.txt
- %TEMP%\CtQsGeKv\ehxJ.exe
- %HOMEPATH%\olShTQ.txt
- 'th#####arry.no-ip.biz':9003
- DNS ASK th#####arry.no-ip.biz
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''