Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'mcclient' = '<SYSTEM32>\mcclient.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '<SYSTEM32>\ftp.exe' = '<SYSTEM32>\ftp.exe:*:Enabled:File Transfer Program'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '<SYSTEM32>\mcclient.exe' = '<SYSTEM32>\mcclient.exe:*:Enabled:mcclient'
- '<SYSTEM32>\mcclient.exe'
- <SYSTEM32>\mcclient.exe
- <SYSTEM32>\mcclient.exe
- 'ch####p.dyndns.org':80
- 'mc######.freehosting.com':80
- ch####p.dyndns.org/
- mc######.freehosting.com/ip.txt?72################
- DNS ASK ch####p.dyndns.org
- DNS ASK mc######.freehosting.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_WINHELP' WindowName: ''