Техническая информация
- <SYSTEM32>\rundll32.exe
- <SYSTEM32>\net1.exe stop cryptsvc
- <SYSTEM32>\sc.exe delete cryptsvc
- <SYSTEM32>\net.exe stop cryptsvc
- <SYSTEM32>\sc.exe config cryptsvc start= disabled
- <SYSTEM32>\ksuser.dll
- <SYSTEM32>\dllcache\ksuser.dll
- <SYSTEM32>\chinasougou.ime
- %TEMP%\1317304404.dat
- <SYSTEM32>\DVR003402.dll
- %TEMP%\1317304404.dat
- ClassName: 'CicLoaderWndClass' WindowName: ''