Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\Ccleanr.exe
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%ALLUSERSPROFILE%\Explorer.exe' = '%ALLUSERSPROFILE%\Explorer.exe:*:Enabled:Explorer.exe'
- '%TEMP%\Ccleanr.exe'
- '%ALLUSERSPROFILE%\Explorer.exe'
- '%TEMP%\emad-mjd.exe'
- '%TEMP%\is-SKKN9.tmp\emad-mjd.tmp' /SL5="$100E2,578301,53248,%TEMP%\emad-mjd.exe"
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%ALLUSERSPROFILE%\Explorer.exe" "Explorer.exe" ENABLE
- %TEMP%\is-SKKN9.tmp\emad-mjd.tmp
- %TEMP%\is-EG1RS.tmp\_isetup\_shfoldr.dll
- %ALLUSERSPROFILE%\Explorer.exe
- %TEMP%\emad-mjd.exe
- %TEMP%\aut1.tmp
- %TEMP%\Ccleanr.exe
- %TEMP%\aut2.tmp
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
- 'me####14.ddns.net':1177
- DNS ASK me####14.ddns.net
- ClassName: 'Shell_TrayWnd' WindowName: ''