Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\ias] 'Start' = '00000002'
- 'C:\іМРтУЕ»Ї.exe'
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\shimgvw.dll,ImageView_Fullscreen C:\И«Ч°±ёНјЖ¬.jpg
- <SYSTEM32>\tbkyvnibvw
- %HOMEPATH%\Recent\И«Ч°±ёНјЖ¬.lnk
- %HOMEPATH%\Recent\Local Disk (C).lnk
- <SYSTEM32>\tsmlmtnwvn
- C:\іМРтУЕ»Ї.exe
- C:\И«Ч°±ёНјЖ¬.jpg
- %TEMP%\rmkhhgudty.log
- <Текущая директория>\njneeiadmm
- <SYSTEM32>\config\SysEvent.Evt
- C:\іМРтУЕ»Ї.exe
- <SYSTEM32>\tsmlmtnwvn
- <SYSTEM32>\tbkyvnibvw
- <Текущая директория>\njneeiadmm
- <SYSTEM32>\config\AppEvent.Evt
- <SYSTEM32>\config\SecEvent.Evt
- %TEMP%\rmkhhgudty.log в %PROGRAM_FILES%\StormII\lqguk.obj
- 'xr###.3322.org':35718
- DNS ASK www.ba##u.com
- DNS ASK www.16#.com
- DNS ASK xr###.3322.org
- DNS ASK q1#####7074.gicp.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'ShImgVw:CPreviewWnd' WindowName: ''