Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'wextract_cleanup0' = 'rundll32.exe <SYSTEM32>\advpack.dll,DelNodeRunDLL32 "%TEMP%\IXP000.TMP\"'
- %WINDIR%\Tasks\At1.job
- '%TEMP%\_trillian-crack.exe'
- '%TEMP%\IXP000.TMP\trillian-crack.exe' 2269713053 cXedYDKK 05 0 5 3 BR34518 ALPHBORD Rule1 ddex2 APX34310 drumset _trillian-crack.exe
- '<SYSTEM32>\at.exe' 16:12 /every:W "<SYSTEM32>\sysoocmgr.exe"
- <SYSTEM32>\c_202611.nls
- <SYSTEM32>\c_8775.nls
- <SYSTEM32>\c_4437.nls
- <SYSTEM32>\aaaammon.dll
- <SYSTEM32>\hall.dll
- <SYSTEM32>\cttype.nls
- <SYSTEM32>\c_2202611.nls
- <SYSTEM32>\sysoocmgr.exe
- <SYSTEM32>\expsrvv.dll
- <SYSTEM32>\1056\inf1056.dat
- %TEMP%\IXP000.TMP\ALPHBORD
- %TEMP%\IXP000.TMP\Rule1
- %TEMP%\IXP000.TMP\BR34518
- %TEMP%\IXP000.TMP\trillian-crack.exe
- %TEMP%\IXP000.TMP\2269713053
- %TEMP%\IXP000.TMP\_trillian-crack.exe
- %TEMP%\IXP000.TMP\482329.dll
- %TEMP%\IXP000.TMP\drumset
- %TEMP%\IXP000.TMP\ddex2
- %TEMP%\IXP000.TMP\APX34310
- %TEMP%\IXP000.TMP\trillian-crack.exe
- %TEMP%\IXP000.TMP\2269713053
- %TEMP%\IXP000.TMP\482329.dll
- %TEMP%\IXP000.TMP\trillian-crack.exe.dll.dll
- %TEMP%\IXP000.TMP\trillian-crack.exe.dll
- %TEMP%\IXP000.TMP\BR34518
- %TEMP%\IXP000.TMP\APX34310
- %TEMP%\IXP000.TMP\drumset
- %TEMP%\IXP000.TMP\ddex2
- %TEMP%\IXP000.TMP\ALPHBORD
- %TEMP%\IXP000.TMP\Rule1
- %TEMP%\IXP000.TMP\_trillian-crack.exe в %TEMP%\_trillian-crack.exe
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'