Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'security' = ''
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{42CWIVQS-POG8-78V2-BCEA-341F4D62FQU1}] 'StubPath' = '%PROGRAM_FILES%\Flash\svchost.exe Restart'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] 'security' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'FlashUpdate' = ''
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'adobe' = ''
- <SYSTEM32>\cscript.exe
- %PROGRAM_FILES%\Flash\logs.dat
- %PROGRAM_FILES%\Flash\svchost.exe
- %PROGRAM_FILES%\Flash\logs.dat
- %PROGRAM_FILES%\Flash\svchost.exe
- 'se#####vice.zapto.org':5350
- 'up####ceb.zapto.org':5350
- DNS ASK se#####vice.zapto.org
- DNS ASK up####ceb.zapto.org
- ClassName: 'Indicator' WindowName: ''