Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Audio HD Driver' = '%TEMP%\AutoStart.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Program' = '%APPDATA%\Program.exe'
- скрытых файлов
- AVP.EXE
- bdagent.exe
- zlclient.exe
- %TEMP%\AutoStart.exe
- %APPDATA%\Program.exe
- %TEMP%\AutoStart.exe
- '40##.awarax.com':80
- 'wp#d':80
- wp#d/wpad.dat
- 40##.awarax.com/N0ise/connect.php
- DNS ASK 40##.awarax.com
- DNS ASK wp#d
- ClassName: 'Indicator' WindowName: ''