Техническая информация
- %PROGRAM_FILES%\addins\evvsvc.scr /S
- %PROGRAM_FILES%\addins\srecos.exe
- <SYSTEM32>\rundll32.exe <SYSTEM32>\shimgvw.dll,ImageView_Fullscreen %WINDIR%\jpg.jpg
- %APPDATA%\Microsoft\CryptnetUrlCache\MetaData\74BFD122C0875EC75DBE5C6DB4C59019
- %PROGRAM_FILES%\addins\evvsvc.scr
- %APPDATA%\Microsoft\CryptnetUrlCache\Content\74BFD122C0875EC75DBE5C6DB4C59019
- %APPDATA%\Microsoft\CryptnetUrlCache\Content\486CC6AFD08942336C61FCD401C4A1D1
- %APPDATA%\Microsoft\CryptnetUrlCache\MetaData\486CC6AFD08942336C61FCD401C4A1D1
- C:\srecos.exe
- %WINDIR%\jpg.jpg
- %HOMEPATH%\Recent\jpg.lnk
- %PROGRAM_FILES%\addins\Seext.dll
- %HOMEPATH%\Recent\WINDOWS.lnk
- 'cr#.#hawte.com':80
- 'wp#d':80
- cr#.#hawte.com/ThawteCodeSigningCA.crl
- cr#.#hawte.com/ThawtePremiumServerCA.crl
- wp#d/wpad.dat
- DNS ASK cr#.#hawte.com
- DNS ASK wp#d
- ClassName: '' WindowName: ''
- ClassName: 'CabinetWClass' WindowName: 'addins'
- ClassName: 'ShImgVw:CPreviewWnd' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''