Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Winsock Startup' = 'Main2.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'Winsock Startup' = 'Main2.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Winsock Startup' = 'Main2.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'Winsock Startup' = 'Main2.exe'
- Cредство проверки системных файлов (SFC)
- <SYSTEM32>\Main2.exe
- <SYSTEM32>\Main2.exe
- '66.##2.29.230':6667
- ClassName: 'Indicator' WindowName: '(null)'