Техническая информация
- [<HKLM>\SYSTEM\CONTROLSET003\Services\mdeamail.exe] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet002\Services\mdeamail.exe] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\mdeamail.exe] 'Start' = '00000002'
- 'C:\hiss.exe'
- '<SYSTEM32>\svchost.exe' -k mdeamail.exe
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\shimgvw.dll,ImageView_Fullscreen C:\1.jpg
- <SYSTEM32>\qqskal.kll
- %HOMEPATH%\Recent\1.lnk
- %HOMEPATH%\Recent\Local Disk (C).lnk
- C:\1.jpg
- C:\hiss.exe
- <SYSTEM32>\0004ad59.sys
- C:\hiss.exe
- '12#.#59.90.5':7995
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'ShImgVw:CPreviewWnd' WindowName: '(null)'