Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\4tyfne] 'ImagePath' = '<SYSTEM32>\svchost.exe -k netsvcs'
- [<HKLM>\SYSTEM\ControlSet001\Services\4tyfne] 'Start' = '00000002'
- '<SYSTEM32>\svchost.exe' -k netsvcs
- 'C:\QQGameDl.exe'
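- '%WINDIR%live.scr' /S (в пути нет разделителя «\» после %WINDIR% — так во всех упоминаниях этого файла на странице; при поиске стоит проверять оба варианта пути)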
- %WINDIR%\MySomeInfo.ini
- %WINDIR%\HowArMe.txt
- %WINDIR%\HowArMe.reg
- <SYSTEM32>\0DWXGN.dll
- C:\QQGameDl.exe
- C:\Factory.dll
- %WINDIR%live.scr
- C:\QQGameDl.exe
- C:\Factory.dll
- %WINDIR%live.scr
- %WINDIR%\HowArMe.txt
- %WINDIR%\HowArMe.reg
- %WINDIR%\MySomeInfo.ini
- из %WINDIR%live.scr в <SYSTEM32>\156750.bak
- %WINDIR%\HowArMe.txt
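- 'my##.3322.org':8000 (символы «##», по-видимому, заменяют скрытую часть имени узла, поэтому для точного сопоставления запись в таком виде не годится)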
- DNS ASK my##.3322.org
- ClassName: 'Shell_TrayWnd' WindowName: ''