Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\rejoice] 'Start' = '00000002'
- %CommonProgramFiles%\Microsoft Shared\MSInfo\rejoice2011.exe Shared\MSInfo\rejoice2011.exe
- %TEMP%\Sx_server.exe
- <SYSTEM32>\notepad.exe %TEMP%\ЛµГч.txt
- %TEMP%\ЛµГч.txt
- %CommonProgramFiles%\Microsoft Shared\MSInfo\rejoice2011.exe
- %TEMP%\Sx_server.txt
- %TEMP%\Sx_server.exe
- %CommonProgramFiles%\Microsoft Shared\MSInfo\rejoice2011.exe
- %TEMP%\Sx_server.txt
- 'ti####000.3322.org':9102
- DNS ASK ti####000.3322.org
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'TAppBuilder' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''