Техническая информация
Автозапуск — значения в ключах реестра Run:
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'hp9' = '<SYSTEM32>\hp9.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'hp9' = '<SYSTEM32>\hp9.exe'
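Файлы и процессы (некоторые пути повторяются; по-видимому, подзаголовки разделов в тексте не сохранились):
- %TEMP%\RarSFX0\hp9.exe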
- %TEMP%\RarSFX0\index.exe
- %WINDIR%\Explorer.EXE
- %TEMP%\bt4880.bat
- <SYSTEM32>\plugin1.dat
- <SYSTEM32>\hp9.exe
- %TEMP%\RarSFX0\hp9.exe
- %TEMP%\RarSFX0\copfinger.wmv
- %TEMP%\RarSFX0\index.exe
- %TEMP%\bt4880.bat
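Сетевая активность — соединения с портом 2000 и DNS-запросы (имена хостов частично скрыты символами ####):
- 'st####ver.no-ip.com':2000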
- 'rs####n.no-ip.com':2000
- DNS ASK st####ver.no-ip.com
- DNS ASK rs####n.no-ip.com
Окна (класс и заголовок):
- ClassName: 'WMPlayerApp' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Type32_Main_Window' WindowName: ''
- ClassName: 'WMP9DeskBand' WindowName: 'WMP9DeskBand'
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'ReBarWindow32' WindowName: ''