Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\ias] 'Start' = '00000002'
- %TEMP%\298їу№¤.exe
- %TEMP%\2.exe
- %TEMP%\1.exe
- ClassName: 'PROCMON_WINDOW_CLASS' WindowName: ''
- ClassName: 'RegMonClass' WindowName: ''
- ClassName: 'FileMonClass' WindowName: ''
- <Текущая директория>\epmsfvrxmn
- %TEMP%\132546.log
- %TEMP%\298їу№¤.exe
- %TEMP%\2.exe
- %TEMP%\1.exe
- <SYSTEM32>\config\SysEvent.Evt
- %TEMP%\2.exe
- <SYSTEM32>\config\SecEvent.Evt
- <Текущая директория>\epmsfvrxmn
- <SYSTEM32>\config\AppEvent.Evt
- %TEMP%\1.exe в %TEMP%\GameUpdate.txt
- %TEMP%\132546.log в <SYSTEM32>\eeops.dll
- 'l.##081.com':80
- 'wm###g.3322.org':24528
- l.##081.com/ec2009/group.txt.ver.txt
- l.##081.com/ec2009/group.txt
- DNS ASK l.##081.com
- DNS ASK wm###g.3322.org
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'ThunderRT6FormDC' WindowName: ''
- ClassName: 'ThunderRT6FormDC' WindowName: 'Shareware Cheater v 3.0'