Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'system32' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'system32' = ''
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{CS66HV6F-658W-64Q1-873H-H1B3L2J1N22T}] 'StubPath' = '<SYSTEM32>\system.exe Restart'
- <SYSTEM32>\system.exe
- %TEMP%\110328.ZZZ
- %TEMP%\110328.KKK
- <SYSTEM32>\logs.dat
- %TEMP%\110328.YYY
- <SYSTEM32>\system.exe
- <SYSTEM32>\plugin.dat
- %TEMP%\110328.XXX
- <SYSTEM32>\plugin.dat
- <SYSTEM32>\system.exe
- <SYSTEM32>\logs.dat
- '??.##caldomain':81
- 'na#####nci6.no-ip.biz':81
- DNS ASK na#####nci6.no-ip.biz
- ClassName: 'Indicator' WindowName: ''