Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Control\Print\Providers\8e252d76] 'Name' = '%TEMP%\espC27D.tmp'
- [<HKLM>\SYSTEM\ControlSet002\Services\aAAAaaA] 'Start' = '00000001'
- [<HKLM>\SYSTEM\ControlSet001\Services\aAAAaaA] 'Start' = '00000001'
- '<SYSTEM32>\spoolsv.exe'
- <SYSTEM32>\spoolsv.exe
- ClassName: '____AVP.Root' WindowName: '(null)'
- <DRIVERS>\aAAAaaA.sys
- %TEMP%\sys8AD7.tmp
- %TEMP%\espC27D.tmp
- %TEMP%\sys8AD7.tmp
- %TEMP%\espC27D.tmp
- '43#########089b4c27b95fec802d8b4.net':80
- 43#########089b4c27b95fec802d8b4.net/track_c.cgi
- DNS ASK 43#########089b4c27b95fec802d8b4.net