Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\BITS] 'Start' = '00000002' (значение 2 — автоматический запуск службы BITS)
- %WINDIR%\Explorer.EXE
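Примечание: имена окон и классов в этой группе соответствуют утилитам Sysinternals (Process Monitor, Registry Monitor, File Monitor) и отладчику OllyDbg; вероятно, это проверка на наличие средств анализа.
- ClassName: '' WindowName: 'Process Monitor - Sysinternals: www.sysinternals.com'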
- ClassName: 'PROCMON_WINDOW_CLASS' WindowName: ''
- ClassName: '' WindowName: 'Registry Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'RegmonClass' WindowName: ''
- ClassName: '' WindowName: 'File Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'GBDYLLO' WindowName: ''
- ClassName: 'OLLYDBG' WindowName: ''
- ClassName: 'FilemonClass' WindowName: ''
- ClassName: 'pediy06' WindowName: ''
- %TEMP%\injector2.exe
- %TEMP%\123000_res.tmp
- %TEMP%\125625_res.tmp
- %TEMP%\~__UNINST.EXE
- %TEMP%\~pmThis.tmp
- %TEMP%\injector.exe
- <SYSTEM32>\RimbtqC.dll
- <SYSTEM32>\RpmutxC.dll
- %TEMP%\injector2.exe
- %TEMP%\injector.exe
- %TEMP%\~pmThis.tmp
- 're####e0.8866.org':6410
- DNS ASK re####e0.8866.org
- ClassName: 'shell_traywnd' WindowName: ''
- ClassName: '18467-41' WindowName: ''