Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'cftmon.exe' = '<SYSTEM32>\cftmon.exe'
- <SYSTEM32>\cftmon.exe
- <SYSTEM32>\wview.exe
- <SYSTEM32>\Cop.exe
- <SYSTEM32>\taskkill.exe /IM ctfmon.exe
- <SYSTEM32>\regsvr32.exe <SYSTEM32>\vbSendMail.dll -s
- <SYSTEM32>\regsvr32.exe <SYSTEM32>\MSWINSCK.OCX -s
- <SYSTEM32>\MSWINSCK.DEP
- <SYSTEM32>\cftmon.exe
- <SYSTEM32>\wview.exe
- <SYSTEM32>\log.tx
- <SYSTEM32>\nic
- <SYSTEM32>\srt
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- <SYSTEM32>\Cop.exe
- <SYSTEM32>\MSWINSCK.OCX
- <SYSTEM32>\vbSendMail.dll
- <SYSTEM32>\ctfmon.exe
- %TEMP%\$inst\temp_0.tmp
- ClassName: '' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''