Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'b2601dc9bc13d32068139bab14ea91f1' = '"%TEMP%\CClleaner.exe" ..'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'b2601dc9bc13d32068139bab14ea91f1' = '"%TEMP%\CClleaner.exe" ..'
- %HOMEPATH%\Start Menu\Programs\Startup\b2601dc9bc13d32068139bab14ea91f1.exe
- %TEMP%\CClleaner.exe
- <SYSTEM32>\netsh.exe firewall add allowedprogram "%TEMP%\CClleaner.exe,ĢCClleaner.exe" ENABLE
- %TEMP%\CClleaner.exe
- 'kh###.zapto.org':1177
- DNS ASK kh###.zapto.org
- ClassName: 'Indicator' WindowName: ''