Техническая информация
- [<HKLM>\SYSTEM\ControlSet003\Services\tsykgp] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet002\Services\tsykgp] 'Start' = '00000002'
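- [<HKLM>\SYSTEM\ControlSet001\Services\tsykgp] 'Start' = '00000002' (во всех трёх наборах ControlSet значение Start = 2 означает автоматический запуск службы при загрузке системы)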
- %TEMP%\1231.exe
- <SYSTEM32>\svchost.exe -k tsykgp
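- <SYSTEM32>\rundll32.exe <SYSTEM32>\shimgvw.dll,ImageView_Fullscreen %TEMP%\ОТµДХХЖ¬001.jpg (имя файла, по-видимому, искажено при отображении: те же байты в кодировке GBK читаются как «我的照片001.jpg»)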
- <SYSTEM32>\0069343.imi
- <SYSTEM32>\daikna.fdc
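- %TEMP%\ОТµДХХЖ¬001.jpg (имя файла, по-видимому, искажено при отображении: те же байты в кодировке GBK читаются как «我的照片001.jpg»; при поиске на диске стоит проверять оба варианта)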
- %TEMP%\1231.exe
- 'ma#####nk6666.3322.org':80
- ma#####nk6666.3322.org/20120050012/163938/239203.jsp
- ma#####nk6666.3322.org/20120050012/163953/254453.jsp
- ma#####nk6666.3322.org/20120050012/163925/226187.jsp
- ma#####nk6666.3322.org/20120050012/163752/132765.jsp
- ma#####nk6666.3322.org/20120050012/163830/171093.jsp
- DNS ASK ma#####nk6666.3322.org
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'ShImgVw:CPreviewWnd' WindowName: ''