Техническая информация
- '%TEMP%\RarSFX0\6.exe'
- '%TEMP%\RarSFX0\6.sfx.exe'
- '<SYSTEM32>\cmd.exe' /c 2.bat
- bdagent.exe
- %TEMP%\RarSFX0\2.bat
- %TEMP%\RarSFX0\6.exe
- %TEMP%\RarSFX0\mm1\Thumbs.db
- C:\2.hiv
- C:\1.hiv
- %WINDIR%\Help\B41346EFA848.dll
- %TEMP%\RarSFX0\mm1\64245_gra_h_riria_h090_122_92lo [%P].jpg
- %TEMP%\RarSFX0\mm1\168_186709_c14ca39c5c19f8a [%P].jpg
- %TEMP%\RarSFX0\6.sfx.exe
- %TEMP%\RarSFX0\mm1\ilj795 [%P].jpg
- %TEMP%\RarSFX0\mm1\aoi1-2 [%P].jpg
- %TEMP%\RarSFX0\mm1\6830216 [%P].jpg
- %WINDIR%\Help\B41346EFA848.dll
- %TEMP%\RarSFX0\mm1\Thumbs.db
- C:\2.hiv
- C:\1.hiv
- %TEMP%\RarSFX0\6.exe
- ClassName: '' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'