Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\pofilterdrv] 'Start' = '00000001'
- [<HKLM>\SYSTEM\ControlSet001\services\BRApp] 'Start' = '00000002'
- '%PROGRAM_FILES%\BRApp\brapp.exe'
- '%PROGRAM_FILES%\BRApp\brapp.exe' /install /SILENT
- '%PROGRAM_FILES%\BRApp\nfregdrv.exe' <DRIVERS>\pofilterdrv.sys
- '<SYSTEM32>\net1.exe' start BRApp
- '%WINDIR%\explorer.exe'
- %WINDIR%\explorer.exe
- %PROGRAM_FILES%\BRApp\nfregdrv.exe
- %PROGRAM_FILES%\BRApp\pofilterdrv.sys
- %TEMP%\nsc478C.tmp\System.dll
- %PROGRAM_FILES%\BRApp\uninst.exe
- %TEMP%\nsc478C.tmp\SelfDel.dll
- %TEMP%\nsc478C.tmp\SimpleSC.dll
- <DRIVERS>\pofilterdrv.sys
- %PROGRAM_FILES%\BRApp\brapp.exe
- %TEMP%\nsc478C.tmp\UserInfo.dll
- %TEMP%\nsh476C.tmp
- %PROGRAM_FILES%\BRApp\nfapi.dll
- %PROGRAM_FILES%\BRApp\ProtocolFilters.dll
- %PROGRAM_FILES%\BRApp\libeay32.dll
- %PROGRAM_FILES%\BRApp\ssleay32.dll
- %TEMP%\nsc478C.tmp\System.dll
- %TEMP%\nsc478C.tmp\UserInfo.dll
- %TEMP%\nsc478C.tmp\SimpleSC.dll
- %PROGRAM_FILES%\BRApp\pofilterdrv.sys
- %TEMP%\nsc478C.tmp\SelfDel.dll
- DNS ASK dn#.##ftncsi.com
- DNS ASK www.br####warellc.com
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''