Техническая информация
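- [<HKLM>\SOFTWARE\Classes\exefile\shell\open\command] '' = '%PROGRAM_FILES%\conhost.exe "%1" %*' (подменён обработчик запуска .exe-файлов: стандартное значение этого параметра — '"%1" %*', поэтому после изменения каждый запуск исполняемого файла проходит через %PROGRAM_FILES%\conhost.exe; при лечении значение нужно вернуть к стандартному, иначе после удаления этого файла .exe-файлы перестанут запускаться)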
- [<HKLM>\SYSTEM\ControlSet001\Services\QTUpdate] 'Start' = '00000002' (значение 2 означает автоматический запуск службы при загрузке системы)
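- %PROGRAM_FILES%\csrss.exe (имя совпадает с системным процессом Windows, штатный файл которого находится в %SystemRoot%\System32; расположение в %PROGRAM_FILES% — признак маскировки)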
- %PROGRAM_FILES%\Milestone Antivirus\Milestone Antivirus.exe
- %HOMEPATH%\Start Menu\Programs\Milestone Antivirus\Milestone Antivirus.lnk
- %PROGRAM_FILES%\Milestone Antivirus.ico
- %HOMEPATH%\Desktop\Milestone Antivirus.lnk
- %PROGRAM_FILES%\nuar.old
- %TEMP%\1.tmp
- %PROGRAM_FILES%\csrss.exe
- %PROGRAM_FILES%\Milestone Antivirus\Milestone Antivirus.exe
- %PROGRAM_FILES%\sh4.dat
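- %PROGRAM_FILES%\conhost.exe (имя совпадает с системным файлом Windows из %SystemRoot%\System32; расположение в %PROGRAM_FILES% — признак маскировки)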
- %PROGRAM_FILES%\sh3.dat
- 'se#####validation.com':80
- 's-###ernals.com':80
- '74.##5.232.51':80
- 'co######.s-internals.com':80
- se#####validation.com/
- s-###ernals.com/
- 74.##5.232.51/
- co######.s-internals.com/stat/action.php?p=##############################################################
- DNS ASK se#####validation.com
- DNS ASK s-###ernals.com
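- DNS ASK google.com (легитимный домен; вероятно, запрос используется для проверки подключения к сети и сам по себе индикатором компрометации не является)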
- DNS ASK co######.s-internals.com
- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd — класс окна панели задач Windows)