Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'Audio HD Driver' = '%APPDATA%\german.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows-Audio-HD-Driver-Component' = '"<SYSTEM32>\Audio-HD-Service.exe"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Audio HD Driver' = '%TEMP%\german.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Audio HD Driver' = '%TEMP%\german.exe'
- Блокирует отображение скрытых файлов (затрудняет выявление своего присутствия в системе)
- %CommonProgramFiles%\Windows-Auth-Host-Service.exe
- <SYSTEM32>\Audio-HD-Service.exe
- <SYSTEM32>\Audio-HD-Service.exe
- %CommonProgramFiles%\Windows-Auth-Host-Service.exe
- %TEMP%\german.exe
- %APPDATA%\german.exe
- <SYSTEM32>\Audio-HD-Service.exe
- %CommonProgramFiles%\Windows-Auth-Host-Service.exe
- %TEMP%\german.exe
- %APPDATA%\german.exe
- 'cr#.w2c.ru':80
- 'wp#d':80
- wp#d/wpad.dat
- cr#.w2c.ru/html_docs/gate.php
- DNS ASK cr#.w2c.ru
- DNS ASK wp#d
- ClassName: 'Indicator' WindowName: ''