Техническая информация
- [<HKLM>\SYSTEM\CONTROLSET003\Services\LMntpsa] 'start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\yorvycfq] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\LMntpsa] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet002\Services\LMntpsa] 'start' = '00000002'
- %TEMP%\08-2-24.exe
- %TEMP%\РѕЖ¬ЧйЗэ¶Ї.exe
- <SYSTEM32>\svchost.exe -k LMntpsa
- NtDeviceIoControlFile, драйвер-обработчик: idiqqx.SYS
- <DRIVERS>\idiqqx.SYS
- <SYSTEM32>\idiqqx.dll
- %TEMP%\ext5.tmp
- %TEMP%\plf4.tmp
- %TEMP%\08-2-24.exe
- %TEMP%\РѕЖ¬ЧйЗэ¶Ї.exe
- %TEMP%\ext3.tmp
- <SYSTEM32>\0047b73.log
- %TEMP%\wel2.tmp
- %TEMP%\ext5.tmp
- %TEMP%\08-2-24.exe
- %TEMP%\ext3.tmp
- %TEMP%\wel2.tmp
- 'lr##.3322.org':8181
- DNS ASK lr##.3322.org
- ClassName: 'Shell_TrayWnd' WindowName: ''