Техническая информация
Записи автозапуска в реестре (ключи Run):
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'Audio HD Driver' = '%APPDATA%\tencoder.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows-Audio-HD-Driver-Component' = '"<SYSTEM32>\Audio-HD-Service.exe"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Audio HD Driver' = '%TEMP%\tencoder.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Audio HD Driver' = '%TEMP%\tencoder.exe'
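- Блокирует отображение скрытых файлов (начало фразы восстановлено по смыслу; в исходном тексте сохранился только фрагмент «скрытых файлов»)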
- '%CommonProgramFiles%\Windows-Auth-Host-Service.exe'
- '<SYSTEM32>\Audio-HD-Service.exe'
- <SYSTEM32>\Audio-HD-Service.exe
- %CommonProgramFiles%\Windows-Auth-Host-Service.exe
- %TEMP%\tencoder.exe
- %APPDATA%\tencoder.exe
- <SYSTEM32>\Audio-HD-Service.exe
- %CommonProgramFiles%\Windows-Auth-Host-Service.exe
- %TEMP%\tencoder.exe
- %APPDATA%\tencoder.exe
- 'cr#.w2c.ru':80
- 'wp#d':80
- wp#d/wpad.dat
- cr#.w2c.ru/html_docs/gate.php
- DNS ASK cr#.w2c.ru
- DNS ASK wp#d
- ClassName: 'Indicator' WindowName: '(null)'