Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\systems] 'Start' = '00000002'
- скрытых файлов
- %WINDIR%\snss.exe "C:\\DNF±ґ±ґ.exe"
- C:\systems.exe
- C:\DNF±ґ±ґ.exe
- %TEMP%\_eviip.tmp
- %WINDIR%\Fonts\bcffe56821dd9f51195cbf777f53acfc.dat
- <SYSTEM32>\systems.dll
- %TEMP%\BClib\krnln.fnr
- %TEMP%\BClib\krnln.fne
- %TEMP%\BClib\Exmlrpc.fne
- %TEMP%\BClib\dp1.fne
- C:\systems.exe
- C:\DNF±ґ±ґ.exe
- %TEMP%\E_4\krnln.fnr
- %WINDIR%\snss.exe
- %TEMP%\E_4\dp1.fne
- %TEMP%\E_4\Exmlrpc.fne
- <SYSTEM32>\systems.dll
- %TEMP%\~DFFD3C.tmp
- 'ku###.3322.org':80
- 'xz#.#ouluna.com':80
- xz#.#ouluna.com/2.txt
- DNS ASK ku###.3322.org
- DNS ASK xz#.#ouluna.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''