Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'SafetyCenter' = 'c:\SafetyCenter\start.exe'
- [<HKLM>\SOFTWARE\Classes\CLSID\{459b6bf8-5320-4c41-8833-85baedf31086}\Shell\Open\Command] '' = 'c:\SafetyCenter\protector.exe'
- '<SYSTEM32>\mshta.exe' http://95.##1.129.30/install.php?id#
- opera.exe
- ICQ.exe
- firefox.exe
- C:\SafetyCenter\new.exe
- C:\SafetyCenter\uninstall.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\install[1].php
- C:\SafetyCenter\start.exe
- C:\SafetyCenter\sound.wav
- C:\SafetyCenter\main.ico
- C:\SafetyCenter\protector.exe
- '95.##1.129.30':80
- 'localhost':1037
- http://95.##1.129.30/install.php?id#
- ClassName: 'HTML Application Host Window Class' WindowName: 'c71e7a0f-e634-4e08-8a6e-64709a09dd18'
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'TForm1' WindowName: 'Safety Center'