Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] 'GoogleUpdateSetup' = '%WINDIR%\GoogleSetup.exe'
- '%TEMP%\GoogleSetup\setup.exe' --algo scrypt --url http://po##.###e-me-ltc.com:8080 --userpass voltage.CPUSlaves:123456 --threads 4 -s 3
- '%WINDIR%\GoogleSetup.exe'
- %TEMP%\GoogleSetup\pthreadGC2.dll
- %TEMP%\aut4.tmp
- %TEMP%\GoogleSetup\libcurl-4.dll
- %TEMP%\GoogleSetup\setup.exe
- %TEMP%\GoogleSetup\setup.bin
- %TEMP%\aut5.tmp
- %WINDIR%\GoogleSetup.exe
- %WINDIR%\1.crypt
- %TEMP%\aut1.tmp
- %TEMP%\aut3.tmp
- %TEMP%\erqjrgn
- %TEMP%\aut2.tmp
- %TEMP%\aut4.tmp
- %TEMP%\aut3.tmp
- %TEMP%\GoogleSetup\setup.bin
- %TEMP%\aut5.tmp
- %WINDIR%\1.crypt
- %TEMP%\aut1.tmp
- %TEMP%\erqjrgn
- %TEMP%\aut2.tmp
- 'po##.##ve-me-ltc.com':8080
- DNS ASK po##.##ve-me-ltc.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'