Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{1PFA0RG2-DI7P-1W14-217K-212CW24T7ACW}] 'StubPath' = '%WINDIR%\wininit\winlogon.exe Restart'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{1PFA0RG2-DI7P-1W14-217K-212CW24T7ACW}] 'StubPath' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows Update' = ''
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Microsoft' = ''
- %TEMP%\jxpiinstall.exe
- %WINDIR%\wininit\winlogon.exe
- %TEMP%\21.exe
- %TEMP%\server.exe
- %WINDIR%\Explorer.EXE
- %TEMP%\jusched.log
- %TEMP%\jxpiinstall.exe
- %APPDATA%\%USERNAME%log.dat
- %TEMP%\%USERNAME%8
- %TEMP%\%USERNAME%7
- %TEMP%\%USERNAME%2.txt
- %TEMP%\21.exe
- %TEMP%\21.exe.nb5.tmp
- %TEMP%\server.exe
- %WINDIR%\wininit\winlogon.exe
- %TEMP%\jxpiinstall.exe.nb5.tmp
- %APPDATA%\%USERNAME%log.dat
- %TEMP%\%USERNAME%2.txt
- %TEMP%\%USERNAME%8
- %TEMP%\%USERNAME%7
- %TEMP%\21.exe.nb5.tmp
- %TEMP%\jxpiinstall.exe.nb5.tmp
- %WINDIR%\wininit\winlogon.exe
- 'tu####al.myftp.biz':100
- 'ja####-esd.sun.com':80
- DNS ASK tu####al.myftp.biz
- DNS ASK sp####21.no-ip.biz
- DNS ASK ja####-esd.sun.com
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''