Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\Rpc Monitor] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Rpc Monitor] 'ImagePath' = '"%APPDATA%\Nuoipaouspnw.exe" -svc "Aisino Deamon Services"'
- %TEMP%\rarsfx0\service_monitor.exe
- %TEMP%\rarsfx0\nuoyanremind.exe
- %TEMP%\rarsfx0\nuoyanremind.exe.manifest
- %TEMP%\rarsfx0\nydownloader.exe
- %APPDATA%\nuoipaouspnw.exe
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'NuoYanLoginDialog' WindowName: ''
- ClassName: 'imaisinoMainDialog' WindowName: ''
- '%TEMP%\rarsfx0\service_monitor.exe' -repair "Aisino Deamon Services"
- '%TEMP%\rarsfx0\nuoyanremind.exe'