Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '459f4dd67878d9dbd95057866cda4728' = '"%WINDIR%\SystemWindows.exe" ..'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '459f4dd67878d9dbd95057866cda4728' = '"%WINDIR%\SystemWindows.exe" ..'
- %HOMEPATH%\Start Menu\Programs\Startup\459f4dd67878d9dbd95057866cda4728.exe
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%WINDIR%\SystemWindows.exe' = '%WINDIR%\SystemWindows.exe:*:Enabled:SystemWindows.exe'
- '%WINDIR%\SystemWindows.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%WINDIR%\SystemWindows.exe" "SystemWindows.exe" ENABLE
- %WINDIR%\SystemWindows.exe
- '77####72.no-ip.org':1177
- DNS ASK 77####72.no-ip.org
- ClassName: 'Indicator' WindowName: '(null)'