Техническая информация
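- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'CYKKgPBseXCicJowTnrkMgsMiC' = '<SYSTEM32>\uKoCAqyxUWlsQM.exe' (автозапуск: параметр в ключе Policies\Explorer\Run указывает на исполняемый файл в <SYSTEM32>; это отдельный ключ автозапуска, не совпадающий с ...\CurrentVersion\Run, поэтому при проверке его нужно просматривать отдельно)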
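- [<HKLM>\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%WINDIR%\explorer.exe' = '%WINDIR%\explorer.exe:*:Enabled:CYKKgPBseXCicJowTnrkMgsMiC' (explorer.exe внесён в список разрешённых приложений брандмауэра Windows для профиля StandardProfile; имя правила совпадает с именем параметра автозапуска)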
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\FirewallControlPanel.dll,ShowNotificationDialog /configure /ETOnly 0 /OnProfiles 6 /OtherAllowed 0 /OtherBlocked 0 /OtherEdgeAllowed 0 /NewBlocked 4 "%WINDIR%\explorer.exe"
- '%WINDIR%\explorer.exe'
- %WINDIR%\explorer.exe
- %APPDATA%\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\System Check.lnk (ярлык в папке автозагрузки пользователя; путь приведён в том виде, в каком он указан в отчёте)
- <SYSTEM32>\uKoCAqyxUWlsQM.exe
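- 'ed##l.pw':80 (сетевое соединение с узлом, порт 80)
- ed##l.pw/jspr/ (по-видимому, запрашиваемый путь на том же узле)
- DNS ASK ed##l.pw (DNS-запрос имени узла; символы «##», судя по всему, — маскировка части доменного имени в отчёте, полное имя на странице не приводится)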
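- ClassName: '' WindowName: ' H?????????????????????? ' (параметры окна: имя класса пустое; символы «?» в имени окна, по-видимому, возникли из-за потери кодировки, исходный заголовок по этой записи не восстанавливается)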