Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\f5a698ed] 'ImagePath' = '%WINDIR%\3986204405:173631250.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\.<Служебное имя>] 'ImagePath' = '\*'
- %WINDIR%\3986204405:173631250.exe
- %WINDIR%\explorer.exe
- <SYSTEM32>\winlogon.exe
- %WINDIR%\$NtUninstallKB37556$\4121336045\{1B372133-BFFA-4dba-9CCF-5474BED6A9F6}
- %WINDIR%\$NtUninstallKB37556$\4121336045\L\alehhooo
- %WINDIR%\3986204405:173631250.exe
- '95.#4.46.44':80
- 95.#4.46.44/bad.php?w=#############################################
- 95.#4.46.44/stat2.php?w=###########################################
- 95.#4.46.44/stat2.php?w=##########################################