Техническая информация
- <SYSTEM32>\midimap.dll файлом <SYSTEM32>\midimap.dll
- <SYSTEM32>\sc.exe delete cryptsvc
- <SYSTEM32>\rundll32.exe
- <SYSTEM32>\net1.exe stop cryptsvc
- <SYSTEM32>\rundll32.exe <SYSTEM32>\shimgvw.dll,ImageView_Fullscreen "%TEMP%\mibaoka.JPG"
- <SYSTEM32>\net.exe stop cryptsvc
- <SYSTEM32>\sc.exe config cryptsvc start= disabled
- <SYSTEM32>\YUmidimap.dll
- <SYSTEM32>\dllcache\ksuser.dll
- <SYSTEM32>\sysapp19.dll
- <SYSTEM32>\dllcache\midimap.dll
- %TEMP%\mibaoka.JPG
- %TEMP%\mibaok.exe
- <SYSTEM32>\ksuser.dll
- %TEMP%\1309779124.dat
- %TEMP%\1309779124.dat
- <SYSTEM32>\midimap.dll
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'ShImgVw:CPreviewWnd' WindowName: ''
- ClassName: 'MS_WINHELP' WindowName: ''