Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'COMODO Official Protector ©' = '"%APPDATA%\Microsoft\services.exe"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Microsoft Official Protector ©' = '"%TEMP%\services.exe"'
- nod32.exe
- %TEMP%\services.exe
- %APPDATA%\Microsoft\services.exe
- 'si.##adox.nl':666
- DNS ASK si.##adox.nl
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Indicator' WindowName: ''