Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Defghi Klmnopqr Tuv] 'Start' = '00000002'
- '%TEMP%\YY协议.exe'
- '<SYSTEM32>\svchost.exe' -k imgsvc
- '<SYSTEM32>\svchost.exe' -k netsvcs
- %PROGRAM_FILES%\Iefg\Nefghijkl.pic
- C:\Net-Temp.ini
- C:\NT_Path.old
- %TEMP%\YY协议.exe
- %WINDIR%\temp132100.dll
- %PROGRAM_FILES%\Iefg\Nefghijkl.pic
- C:\Net-Temp.ini
- %PROGRAM_FILES%\Iefg\Nefghijkl.pic