Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'NV1test' = '%WINDIR%\$hf_mig$\KB923561\update\836D4C9DF83F78.exe'
- '%WINDIR%\ime\conime.exe' -runself
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\`.bat" -in"
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\1.bat" "
- %WINDIR%\2.ini
- %WINDIR%\Debug\UserMode836D4C9DF83F78\NV1test.004.tmp
- %WINDIR%\Debug\UserMode836D4C9DF83F78\NV1test.003.tmp
- %WINDIR%\$hf_mig$\KB923561\update\836D4C9DF83F78.exe
- %WINDIR%\Help\t836D4C9DF83F78.hlp
- %WINDIR%\Debug\UserMode836D4C9DF83F78\AcVenr836D4C9DF83F78alsp.tmp
- %WINDIR%\ime\conime.exe
- %WINDIR%\`.bat
- %WINDIR%\1.bat
- %WINDIR%\Debug\UserMode836D4C9DF83F78\NV1test.002.tmp
- %WINDIR%\Debug\UserMode836D4C9DF83F78\NV1test.001.tmp
- %WINDIR%\Debug\UserMode836D4C9DF83F78\NV1test.000.tmp
- %WINDIR%\ime\conime.exe в %WINDIR%\Debug\UserMode836D4C9DF83F78\836D4C9DF83F78ukltp.tmp.bak
- %WINDIR%\`.bat
- 'fz##.3322.org':4321
- 'any':801
- 'www.so##.com':80
- DNS ASK qs####u2.3322.org
- DNS ASK fz##.3322.org
- DNS ASK www.so##.com