Код:
Ключи реестра: 3
PUP.Optional.ASPackage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ASPackage, , [8430b402d1b9ac8ae027ea0fcc37e719],
PUP.Optional.MultiPlug.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\lecozydy, , [f6be2e88ee9ca78fe42fd6a4bf46916f],
PUP.Optional.MultiPlug.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\jodekezu, , [f6be2e88ee9ca78fe42fd6a4bf46916f],
Параметры реестра: 4
PUP.Optional.Zaxar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ZaxarLoader, "C:\Program Files (x86)\Zaxar\ZaxarLoader.exe" /verysilent, , [9420377f1a70a78f9d49d7469f658d73]
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\jodekezu|ImagePath, C:\Users\????????????N?N?N??°N???N?\AppData\Roaming\2DBB1E00-1433319854-11B2-8000-68B59972B695\jnsv37B2.tmp, , [169e96205832a690e5b61563838247b9]
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\lecozydy|ImagePath, C:\Users\????????????N?N?N??°N???N?\AppData\Roaming\2DBB1E00-1433319854-11B2-8000-68B59972B695\nsf72A.tmpfs, , [486c73432565c472c6d37cfc887d847c]
Trojan.Agent, HKU\S-1-5-21-4110605320-1994838245-1585621978-1004\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Winlogon, D:\Gefest\Share\winlogin.exe, , [377d32844545bb7b121bbda846bef10f]
Папки: 3
PUP.Optional.ASPackage.A, C:\Users\????????????N?N?N??°N???N?\AppData\Roaming\ASPackage, , [8430b402d1b9ac8ae027ea0fcc37e719],
PUP.Optional.ASPackage.A, C:\Users\????????????N?N?N??°N???N?\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage, , [b202882ed5b5de58f61224d5798a23dd],
PUP.Optional.MultiPlug.Gen, C:\Users\????????????N?N?N??°N???N?\AppData\Roaming\2DBB1E00-1433319854-11B2-8000-68B59972B695, , [f6be2e88ee9ca78fe42fd6a4bf46916f],
Файлы: 16
PUP.Optional.Zaxar.A, C:\Users\????????????N?N?N??°N???N?\AppData\Roaming\Installer\ZaxarSetup.4.001.108.exe, , [e6ce922498f2b482cdfd015e44bc817f],
PUP.SmsPay, D:\??N??µ????N??? ??N?N?????\???? ???±N??°N?\??N??µ????N??? ??N?N?????\???°??N?\Docke\Advanced_Gif_Animator_Crack.zip.exe, , [734134826e1c60d62c5d228bb34da15f],
PUP.Optional.ASPackage.A, C:\Users\????????????N?N?N??°N???N?\AppData\Roaming\ASPackage\Uninstall.exe, , [8430b402d1b9ac8ae027ea0fcc37e719],
PUP.Optional.ASPackage.A, C:\Users\????????????N?N?N??°N???N?\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage\Configure.lnk, , [b202882ed5b5de58f61224d5798a23dd],
PUP.Optional.MultiPlug.Gen, C:\Users\????????????N?N?N??°N???N?\AppData\Roaming\2DBB1E00-1433319854-11B2-8000-68B59972B695\nsf72A.tmpfs, , [f6be2e88ee9ca78fe42fd6a4bf46916f],
PUP.Optional.MultiPlug.Gen, C:\Users\????????????N?N?N??°N???N?\AppData\Roaming\2DBB1E00-1433319854-11B2-8000-68B59972B695\jnsv37B2.tmp, , [f6be2e88ee9ca78fe42fd6a4bf46916f],
PUP.Optional.MultiPlug.Gen, C:\Users\????????????N?N?N??°N???N?\AppData\Roaming\2DBB1E00-1433319854-11B2-8000-68B59972B695\rnsa3251.exe, , [f6be2e88ee9ca78fe42fd6a4bf46916f],
PUP.Optional.MultiPlug.Gen, C:\Users\????????????N?N?N??°N???N?\AppData\Roaming\2DBB1E00-1433319854-11B2-8000-68B59972B695\Uninstall.exe, , [f6be2e88ee9ca78fe42fd6a4bf46916f],
PUP.Optional.MultiPlug.Gen, C:\Users\????????????N?N?N??°N???N?\AppData\Roaming\2DBB1E00-1433319854-11B2-8000-68B59972B695\vnsaE6DA.tmp, , [f6be2e88ee9ca78fe42fd6a4bf46916f],