Техническая информация
- Автозапуск (ключ реестра Run): [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'gidle' = '"%TEMP%\gidle.exe"'
- '%TEMP%\sb.exe'
- '%TEMP%\gidle.exe'
- '%TEMP%\PowerISO47.exe'
- '%TEMP%\sb.exe' (загружен из сети Интернет)
- %TEMP%\nsh3.tmp\NSISdl.dll
- %TEMP%\nsp6.tmp\System.dll
- %TEMP%\e4u.exe
- %TEMP%\sb.exe
- %TEMP%\nsp6.tmp\options.ini
- %TEMP%\PowerISO47.exe
- %TEMP%\nsk2.tmp
- %TEMP%\nsk5.tmp
- %TEMP%\gidle.exe
- 'na###aki.info':80
- na###aki.info/crack/e4u.exe
- na###aki.info/crack/sb.exe
- DNS-запрос (DNS ASK): na###aki.info
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'SCDEMUAPP_C2C80BFA WNDCLASS' WindowName: '(null)'