Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\AOFfiIdhPMWd.lnk
- '%WINDIR%\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe'
- '%APPDATA%\cKRK.exe' "%APPDATA%\GAXYH.au3"
- %WINDIR%\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
- %APPDATA%\GAXYH.au3
- %APPDATA%\Imminent\Logs\19-10-2016
- %APPDATA%\cKRK.exe
- %TEMP%\aut1.tmp
- %TEMP%\mtspeda
- %HOMEPATH%\wc13olhTPAobi0AL\GAXYH.au3
- %HOMEPATH%\wc13olhTPAobi0AL\cKRK.exe
- %TEMP%\mtspeda
- %TEMP%\aut1.tmp
- %APPDATA%\cKRK.exe в %HOMEPATH%\wc13olhTPAobi0AL\cKRK.exe
- %APPDATA%\GAXYH.au3 в %HOMEPATH%\wc13olhTPAobi0AL\GAXYH.au3
- 'su#####toptas.zapto.org':4000
- DNS ASK su#####toptas.zapto.org
- ClassName: 'Shell_TrayWnd' WindowName: ''