Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Windows MineFilter Diagnostics Service] 'Start' = '00000002'
- %PROGRAM_FILES%\MineFilter\mineeqsvc.exe /start /i
- %PROGRAM_FILES%\MineFilter\mineeqsvc.ex_ /u /stop
- <SYSTEM32>\midiasvc.exe /start /i
- %PROGRAM_FILES%\MineFilter\minerun.ex_
- %PROGRAM_FILES%\MineFilter\mineeqsvc.ex_
- %PROGRAM_FILES%\MineFilter\mineeqnad.dl_
- %PROGRAM_FILES%\MineFilter\Log\MineFilter_up_20110603.txt
- <LS_APPDATA>\MineFilter\user.ini
- %PROGRAM_FILES%\MineFilter\mine_uins.dat
- %PROGRAM_FILES%\MineFilter\uninst.exe
- %PROGRAM_FILES%\MineFilter\mineeq.dl_
- %TEMP%\~nsis\c3a007\mineeqnad.dll
- <SYSTEM32>\midiasvc.exe
- %TEMP%\nsw2.tmp\nsProcess.dll
- %TEMP%\nsw2.tmp\System.dll
- %TEMP%\nsw2.tmp\newadvsplash.dll
- %TEMP%\nsw2.tmp\splash.jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\mine_svc[1].php
- %TEMP%\nsw2.tmp\splash.jpg
- %TEMP%\nsw2.tmp\System.dll
- %TEMP%\nsw2.tmp\nsProcess.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\mine_svc[1].php
- %TEMP%\nsw2.tmp\newadvsplash.dll
- 'de#####.minefilter.com':80
- de#####.minefilter.com/mine_svc.php?ac############################################################################################################################################################################
- de#####.minefilter.com/mine_report.php
- DNS ASK de#####.minefilter.com