Техническая информация
- %APPDATA%\microsoft\windows\start menu\programs\startup\bit209a.tmp
- %WINDIR%\tasks\rasautou.job
- <SYSTEM32>\tasks\rasautou
- %WINDIR%\syswow64\cmd.exe
- %APPDATA%\route\newssys\8.opends60.dll
- %APPDATA%\adobe\flash player\nativecache\bit1781.tmp
- %TEMP%\skylabdewar.dll
- %TEMP%\taboret
- %APPDATA%\id_rsa.pub\en\13.opends60.dll
- %APPDATA%\id_rsa.pub\en\27.opends60.dll
- %APPDATA%\id_rsa.pub\en\50.opends60.dll
- %APPDATA%\id_rsa.pub\en\mfc80cht.dll
- %APPDATA%\id_rsa.pub\en\x-amiga-disk-format.xml
- %TEMP%\ee0c0018.lnk
- %TEMP%\tracking\mscorie.dll
- %APPDATA%\route\newssys\x-gettext-translation.xml
- %APPDATA%\route\newssys\statusbar.xml
- %APPDATA%\route\newssys\xslt.xml
- %APPDATA%\route\newssys\vbamnu.dll
- %APPDATA%\route\newssys\devicedma.dll
- %APPDATA%\route\newssys\scrollbar.xml
- %APPDATA%\route\newssys\org.freedesktop.avahi.servicetypebrowser.xml
- %APPDATA%\route\newssys\formatting.xml
- %APPDATA%\route\newssys\rapiconfig.exe
- %APPDATA%\system\logs.dat
- %APPDATA%\adobe\flash player\nativecache\bit1781.tmp
- %APPDATA%\microsoft\windows\start menu\programs\startup\bit209a.tmp
- %APPDATA%\adobe\flash player\nativecache\bit1781.tmp в %APPDATA%\adobe\flash player\nativecache\rasautou.exe
- 'do######ck2095.duckdns.org':9597
- DNS ASK do######ck2095.duckdns.org
- '%WINDIR%\syswow64\rundll32.exe' SkylabDewar,Hemlock
- '%WINDIR%\syswow64\cmd.exe'