Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\COMSysApp] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\SENS] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\SENS\Parameters] 'ServiceDll' = '%ALLUSERSPROFILE%\Application Data\arjlopfilfo.dat'
- '<SYSTEM32>\svchost.exe' -k netsvcs
- '<SYSTEM32>\dllhost.exe' /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\winlogon.exe
- <SYSTEM32>\svchost.exe
- %WINDIR%\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{AF571490-353C-48D2-B6C3-0D21946E551E}.crmlog
- %ALLUSERSPROFILE%\Documents\oflifpoljra.dat
- %ALLUSERSPROFILE%\Application Data\arjlopfilfo.dat
- %ALLUSERSPROFILE%\Documents\oflifpoljra.dat
- %ALLUSERSPROFILE%\Application Data\arjlopfilfo.dat
- %WINDIR%\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{BF4C4D5C-6924-41E8-9BF1-DCC37DF6F31D}.crmlog