Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'HKCU' = ''
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{7J12KHX2-Q4NU-C4Q8-8882-660XN088O284}] 'StubPath' = '<SYSTEM32>\WinBit\WinBit.exe Restart'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'HKLM' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] 'Policies' = ''
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'Policies' = ''
- '<SYSTEM32>\WinBit\WinBit.exe'
- '%HOMEPATH%\My Documents\Adobe\WinDits.exe'
- '<Текущая директория>\import.exe'
- <SYSTEM32>\WinBit\WinBit.exe
- %HOMEPATH%\My Documents\Adobe\WinDits.exe
- %TEMP%\%USERNAME%2.txt
- %TEMP%\%USERNAME%8
- %TEMP%\%USERNAME%7
- <Текущая директория>\kz_music_festival.jpg
- <Текущая директория>\import.exe
- <Текущая директория>\MALU - A PRUEBA DE TI.mp3
- <Текущая директория>\top-hits1.jpg
- <Текущая директория>\music_top_hits.png
- %TEMP%\%USERNAME%7
- %TEMP%\%USERNAME%8
- %TEMP%\%USERNAME%2.txt
- 'wi######date.servegame.com':1505
- DNS ASK wi######date.servegame.com
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'