Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Wnosrczze] 'Start' = '00000002'
- %CommonProgramFiles%\Queccvsrz.exe
- C:\40ІїЅыКйЦ®Т».exe
- C:\ЛДК®ІїЙ«ЗйЅыКй.exe
- <SYSTEM32>\cmd.exe /c "c:\40ІїЅыКйЦ®Т».exe_And xMe.bat"
- %TEMP%\BClib\krnln.fnr
- %TEMP%\_eviip.tmp
- %WINDIR%\Fonts\b0cb2ffb293274df4380f4bdeaef2c76.dat
- %TEMP%\BClib\dp1.fne
- %PROGRAM_FILES%\Wnosrczze\srvany.exe
- %TEMP%\BClib\krnln.fne
- %TEMP%\BClib\Exmlrpc.fne
- C:\40ІїЅыКйЦ®Т».exe_And xMe.bat
- %TEMP%\E_4\krnln.fnr
- C:\40ІїЅыКйЦ®Т».exe
- C:\ЛДК®ІїЙ«ЗйЅыКй.exe
- %TEMP%\E_4\Exmlrpc.fne
- %CommonProgramFiles%\Queccvsrz.dll
- %CommonProgramFiles%\Queccvsrz.exe
- %TEMP%\E_4\dp1.fne
- %CommonProgramFiles%\Queccvsrz.exe
- %CommonProgramFiles%\Queccvsrz.dll
- C:\ЛДК®ІїЙ«ЗйЅыКй.exe
- C:\40ІїЅыКйЦ®Т».exe
- 'll#####g8888.gnway.net':3355
- DNS ASK ll#####g8888.gnway.net
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''