Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Nationaleqi] 'Start' = '00000002'
- '%WINDIR%\·АјмІв.exe'
- '<SYSTEM32>\ggiogq.exe'
- '%WINDIR%\№э·З·Ё.exe'
- '<SYSTEM32>\svchost.exe'
- <SYSTEM32>\svchost.exe
- %WINDIR%\Temp\svchost.exe
- %WINDIR%\·АјмІв.exe
- <SYSTEM32>\GroupPolicy\user\Scripts\script.ini
- <SYSTEM32>\GroupPolicy\gpt.ini
- %TEMP%\Memory121625.res
- %TEMP%\lazycommon.dll
- <SYSTEM32>\ggiogq.exe
- %WINDIR%\№э·З·Ё.exe
- %WINDIR%\№э·З·Ё.exe
- <SYSTEM32>\GroupPolicy\user\Scripts\script.ini в <SYSTEM32>\GroupPolicy\user\Scripts\scripts.ini
- 'da###0.3322.org':80
- 'localhost':2000
- 'www.mo#####imojimoji.com':38774
- DNS ASK da###0.3322.org
- DNS ASK www.mo#####imojimoji.com
- ClassName: 'Shell_TrayWnd' WindowName: ''