Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\PortTalk] 'ImagePath' = 'System32\Drivers\PortTalk.sys'
- %TEMP%\RarSFX0\victoria43.exe
- %TEMP%\RarSFX0\vcr40.ini
- %TEMP%\RarSFX0\DOCS\history.txt
- <DRIVERS>\PortTalk.sys
- %TEMP%\RarSFX0\DOCS\vcr42doc.rtf
- %TEMP%\RarSFX0\porttalk.sys
- %TEMP%\RarSFX0\LOGS\Passp_ST1000DX001-SSHD-8GB_Z4YDS8LX.bin
- %TEMP%\RarSFX0\LOGS\eventlog.txt
- %TEMP%\RarSFX0\LOGS\Passp_TOSHIBA MK2552GSX_982CF3L3S.bin
- %TEMP%\RarSFX0\LOGS\Passp_WDC WD10EZEX-60ZF5A0_WD-WMC1S7287584.bin
- %TEMP%\RarSFX0\LOGS\Passp_TOSHIBA MK5059GSXP_51I6P0A0T.bin
- ClassName: 'EDIT' WindowName: ''
- '%TEMP%\RarSFX0\victoria43.exe'