Техническая информация (наблюдаемые изменения в реестре, файлы и сетевые обращения)
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'NVIDIA Driver' = '%HOMEPATH%\IEMediaEX\Application\IOSample\windlg.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '<SYSTEM32>\spoolsv.exe' = '<SYSTEM32>\spoolsv.exe:*:Enabled:HPLJET'
- %HOMEPATH%\IEMediaEX\Application\IOSample\Susbtub.exe
- %HOMEPATH%\IEMediaEX\Application\IOSample\Pusbtub.exe
- <SYSTEM32>\upnpcont.exe
- <SYSTEM32>\tasklist.exe
- %HOMEPATH%\IEMediaEX\Application\IOSample\detect.dll
- %HOMEPATH%\IEMediaEX\Application\IOSample\windlg.exe
- %HOMEPATH%\IEMediaEX\Application\IOSample\active.dll
- %HOMEPATH%\IEMediaEX\Application\IOSample\Pusbtub.exe
- %HOMEPATH%\IEMediaEX\Application\IOSample\Susbtub.exe
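- '20#.#46.249.178':80 (символы «#» не могут входить в IPv4-адрес — по-видимому, часть цифр замаскирована; при сопоставлении с журналами использовать как шаблон, а не как точное значение)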
- 20#.#46.249.178/blog2/dread.php
- 20#.#46.249.178/blog2/dwrite.php