Technical information
- <DRIVERS>\acpiec.sys
- <DRIVERS>\acpiec.sys with the file <DRIVERS>\SET4.tmp
- <DRIVERS>\SET4.tmp
- '<SYSTEM32>\taskkill.exe' /im egui.exe /f
- '<SYSTEM32>\taskkill.exe' /im ScanFrm.exe /f
- '<SYSTEM32>\rundll32.exe' func.dll, droqp
- '<SYSTEM32>\taskkill.exe' /im ekrn.exe /f
- '<SYSTEM32>\cacls.exe' %WINDIR% /e /p everyone:f
- '<SYSTEM32>\sc.exe' config ekrn start= disabled
- '<SYSTEM32>\cacls.exe' "%TEMP%\" /e /p everyone:f
- ekrn.exe
- <DRIVERS>\SET4.tmp
- <SYSTEM32>\dllcache\acpiec.sys.new
- <SYSTEM32>\phpi.dll
- <SYSTEM32>\func.dll
- <DRIVERS>\SET1.tmp
- %WINDIR%\LastGood\TMP2.tmp
- <DRIVERS>\SET1.tmp
- <DRIVERS>\acpiec.sys to <DRIVERS>\OLD3.tmp
- %WINDIR%\LastGood\TMP2.tmp to %WINDIR%\LastGood\system32\drivers\acpiec.sys
- 'www.2q#y.cn':80
- 'localhost':1039
- www.2q#y.cn/main.dll
- DNS ASK www.2q#y.cn
- ClassName: '' WindowName: ''