Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'dc75d1d4ffbb0f0a1291940192d4d141' = '"%TEMP%\igfxpers.exe" ..'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'dc75d1d4ffbb0f0a1291940192d4d141' = '"%TEMP%\igfxpers.exe" ..'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%TEMP%\igfxpers.exe' = '%TEMP%\igfxpers.exe:*:Enabled:igfxpers.exe'
- '%TEMP%\igfxpers.exe'
- '%TEMP%\357.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\igfxpers.exe" "igfxpers.exe" ENABLE
- %TEMP%\igfxpers.exe
- %TEMP%\357.exe
- 'mp#.##rvemp3.com':14725
- DNS ASK mp#.##rvemp3.com
- ClassName: 'Indicator' WindowName: '(null)'