Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\W32Time] 'Start' = '00000002'
- C:\13-8527.exe
- <SYSTEM32>\sc.exe config w32time start= auto
- <SYSTEM32>\wscript.exe C:\152140.vbs
- <SYSTEM32>\sc.exe stop w32time
- <SYSTEM32>\rundll32.exe <SYSTEM32>\shimgvw.dll,ImageView_Fullscreen C:\game.jpg
- <SYSTEM32>\taskkill.exe /im rundll32.exe /f
- C:\kb-147750.tmp
- C:\Unlock.log
- C:\152140.vbs
- C:\SystemVolume\RCX1.tmp
- C:\13-8527.exe
- C:\game.jpg
- %HOMEPATH%\Recent\Local Disk (C).lnk
- %HOMEPATH%\Recent\game.lnk
- C:\SystemVolume\2A6g1.m
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'ShImgVw:CPreviewWnd' WindowName: ''