Техническая информация
- Автозапуск (ключ Run текущего пользователя): [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'msgsmgr' = '<SYSTEM32>\nbtsdump.exe'
- '<SYSTEM32>\attrib.exe' -r -s -h "<Полный путь к файлу>"
- '<SYSTEM32>\cmd.exe' /c ""<Текущая директория>\171046.bat" "<Полный путь к файлу>""
- '%WINDIR%\explorer.exe'
- %WINDIR%\explorer.exe
- safari.exe
- ICQ.exe
- skype.exe
- opera.exe
- chrome.exe
- firefox.exe
- iexplore.exe
- %WINDIR%\Explorer.EXE
- <Текущая директория>\171046.bat
- <SYSTEM32>\nbtsdump.exe
Классы и заголовки окон (ClassName / WindowName):
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Proxy Desktop' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'BaseBar' WindowName: 'ChanApp'
- ClassName: 'CSCHiddenWindow' WindowName: ''
- ClassName: 'SystemTray_Main' WindowName: ''
- ClassName: 'OleMainThreadWndClass' WindowName: ''
- ClassName: 'Button' WindowName: 'Open'
- ClassName: '' WindowName: ' !"#$%&'
- ClassName: '' WindowName: ' '
- ClassName: 'Item' WindowName: ''
- ClassName: '' WindowName: ' !"#$%&()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~ЂЃ‚Ѓ„…†‡€‰Љ‹ЊЌЋЏЂ‘’“”•–—™Љ›ЊЌЋЏ ЎЎЈ¤Ґ¦§Ё©Є«¬®Ї°±ІІҐµ¶·Ё№Є»Ј...
- ClassName: '' WindowName: 'File'
- ClassName: '㴼㼾䅀䍂䕄䝆䥈䭊䵌低児卒啔坖奘孚嵜彞䅠䍂䕄䝆䥈䭊䵌低児卒啔坖奘筚絼罾膀膂薄螆覈變趌辎醀鎒閔鞖馘鮊趌辎ꆠꎡꖤꞦꦨꮪ궬꾮퓪粐胿粑ﲌȀ' WindowName: ''
- ClassName: '??????????????????????????????????????????????????????????????????' WindowName: ''