Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '<SYSTEM32>\sxwl1327365322\WinFlash.exe' = '<SYSTEM32>\sxwl1327365322\WinFlash.exe:*:Enabled:КўРРНшВз'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '<SYSTEM32>\sxwl1327365322\WinSky.exe' = '<SYSTEM32>\sxwl1327365322\WinSky.exe:*:Enabled:КўРРНшВз'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DoNotAllowExceptions' = '00000000'
- <SYSTEM32>\ntvdm.exe -f -i1
- <SYSTEM32>\regsvr32.exe /s /c <SYSTEM32>\sxwl1327365322\WinBar.dll
- %WINDIR%\Temp\scs1.tmp
- %WINDIR%\Temp\scs2.tmp
- <SYSTEM32>\sxwl1327365322\WinSky.exe
- %HOMEPATH%\Desktop\Нш°ЙОАКї.lnk
- %WINDIR%\Temp\scs2.tmp
- %WINDIR%\Temp\scs1.tmp
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-b88.b8c.370001'