Техническая информация
- C:\0__te8~\app.exe
- <SYSTEM32>\attrib.exe +H +R ""%TEMP%\e3b17916dae1b1065783db3232e38dad.dat""
- <SYSTEM32>\attrib.exe +H +R "C:\0__te8~"
- <SYSTEM32>\cmd.exe /c C:\0__te8~\265.bat
- <SYSTEM32>\rundll32.exe <SYSTEM32>\shimgvw.dll,ImageView_Fullscreen C:\temp.jpg
- <SYSTEM32>\wscript.exe "%PROGRAM_FILES%\3140_71.vbs"
- C:\0__te8~\265.bat
- %PROGRAM_FILES%\3140_71.vbs
- C:\53141.log
- <SYSTEM32>\kb-x86-anti.xml
- C:\log.ini
- C:\ms6421.tmp
- %HOMEPATH%\Recent\Local Disk (C).lnk
- %HOMEPATH%\Recent\temp.lnk
- C:\temp.jpg
- <SYSTEM32>\ms21032.log
- C:\ms7279.tmp
- %TEMP%\113328.tmp
- %TEMP%\113328.tmp
- %PROGRAM_FILES%\3140_71.vbs
- C:\53141.log
- C:\log.ini
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'ShImgVw:CPreviewWnd' WindowName: ''