Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{D8841311-5MQ2-J8H3-RDU0-0MQLFLE6C52Q}] 'StubPath' = 'c:\system security\antivirus for windows\cleaner\server.exe Restart'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'HKCU_system anti' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'HKLM_system anti' = ''
- C:\system security\antivirus for windows\cleaner\server.exe
- %TEMP%\server.exe
- %APPDATA%\%USERNAME%log.dat
- %TEMP%\%USERNAME%7
- %TEMP%\%USERNAME%8
- %TEMP%\server.exe
- C:\system security\antivirus for windows\cleaner\server.exe
- %TEMP%\%USERNAME%2.txt
- %APPDATA%\%USERNAME%log.dat
- C:\system security\antivirus for windows\cleaner\server.exe
- %TEMP%\%USERNAME%8
- %TEMP%\%USERNAME%7
- %TEMP%\%USERNAME%2.txt
- %TEMP%\server.exe
- 'localhost':81
- ClassName: 'Indicator' WindowName: ''