Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Uninter Arssnicvn] 'Start' = '00000002'
- %WINDIR%\Uninter Arssnicvn.exe
- C:\1.exe
- C:\ЦсРщНј±кµгББЖч.exe
- <SYSTEM32>\cmd.exe /c c:\duxjpee.bat
- %TEMP%\_eviip.tmp
- C:\duxjpee.bat
- %WINDIR%\Fonts\92c34cb120b605e05fefb7173e113487.dat
- %TEMP%\BClib\krnln.fnr
- %TEMP%\BClib\krnln.fne
- %TEMP%\BClib\Exmlrpc.fne
- %TEMP%\BClib\dp1.fne
- %WINDIR%\Uninter Arssnicvn.dll
- C:\1.exe
- C:\ЦсРщНј±кµгББЖч.exe
- %TEMP%\E_4\krnln.fnr
- %WINDIR%\Uninter Arssnicvn.exe
- %TEMP%\E_4\dp1.fne
- %TEMP%\E_4\Exmlrpc.fne
- %WINDIR%\Uninter Arssnicvn.dll
- %WINDIR%\Uninter Arssnicvn.exe
- C:\1.exe
- 'ty##.3322.org':19820
- 'ui.###ogin2.qq.com':443
- 'localhost':1036
- DNS ASK ty##.3322.org
- DNS ASK ui.###ogin2.qq.com
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''