Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'svchost' = '"%TEMP%\cg\run.exe"'
- '%TEMP%\cg\svchost.exe'
- '%TEMP%\cg\run.exe'
- '<SYSTEM32>\wermgr.exe' -queuereporting
- '<SYSTEM32>\conhost.exe'
- '%WINDIR%\explorer.exe'
- %WINDIR%\explorer.exe
- %TEMP%\cg\scrypt130302.cl
- %TEMP%\cg\ssleay32.dll
- %TEMP%\cg\run.exe
- %TEMP%\cg\phatk121016.cl
- %TEMP%\cg\poclbm130302.cl
- %TEMP%\cg\svchost.exe
- \Device\HarddiskVolume1\Boot\BCD.LOG
- \Device\HarddiskVolume1\Boot\BCD
- %TEMP%\cg\zlib1.dll
- %TEMP%\nst511C.tmp\SelfDel.dll
- %TEMP%\cg\diablo130302.cl
- %TEMP%\cg\diakgcn121016.cl
- %TEMP%\cg\cgminer.conf
- %TEMP%\nst511C.tmp\System.dll
- %TEMP%\cg\API.class
- %TEMP%\cg\libcurl.dll
- %TEMP%\cg\libssh2.dll
- %TEMP%\cg\libusb-1.0.dll
- %TEMP%\cg\librtmp.dll
- %TEMP%\cg\libeay32.dll
- %TEMP%\cg\libidn-11.dll
- %TEMP%\nst511C.tmp\System.dll
- %TEMP%\nst511C.tmp\SelfDel.dll