Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'UnLoad_TorProject' = '%APPDATA%\Microsoft Update\UnLoad.exe'
- '%WINDIR%\Microsoft.NET\Framework\v4.0.30319\cvtres.exe' /NOLOGO /READONLY /MACHINE:IX86 "/OUT:%TEMP%\RES2.tmp" "%TEMP%\CSC1.tmp"
- '%WINDIR%\Microsoft.NET\Framework\v4.0.30319\csc.exe' /noconfig /fullpaths @"%TEMP%\ue5sfiq3.cmdline"
- %TEMP%\RES2.tmp
- %TEMP%\ue5sfiq3.dll
- %APPDATA%\LiteDB\xRealIP.xml
- %TEMP%\CSC1.tmp
- %TEMP%\ue5sfiq3.0.cs
- %TEMP%\ue5sfiq3.cmdline
- %TEMP%\ue5sfiq3.out
- %TEMP%\ue5sfiq3.out
- %TEMP%\ue5sfiq3.cmdline
- %TEMP%\ue5sfiq3.dll
- %TEMP%\RES2.tmp
- %TEMP%\CSC1.tmp
- %TEMP%\ue5sfiq3.0.cs
- 'ru.##art-ip.net':80
- 'ch####p.dyndns.org':80
- 'ip.#ip.ru':80
- '2i#.ru':80
- 'pe####.torproject.org':443
- 'wp#d':80
- 'un##ads.ru':80
- 'wi###fting.ru':80
- ru.##art-ip.net/myip
- 2i#.ru/
- ip.#ip.ru/
- ch####p.dyndns.org/
- wp#d/wpad.dat
- wi###fting.ru/stays.html
- un##ads.ru/check.tor
- DNS ASK ru.##art-ip.net
- DNS ASK ch####p.dyndns.org
- DNS ASK ip.#ip.ru
- DNS ASK 2i#.ru
- DNS ASK pe####.torproject.org
- DNS ASK wp#d
- DNS ASK un##ads.ru
- DNS ASK wi###fting.ru
- ClassName: 'Indicator' WindowName: ''