Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\EmonSrv] 'Start' = '00000002'
- <SYSTEM32>\1ff6.exe -s
- <SYSTEM32>\1ff6.exe
- %WINDIR%\1.tmp /S
- <SYSTEM32>\1ff6.exe -i
- <SYSTEM32>\regsvr32.exe /s "<SYSTEM32>\91ff.dll"
- <SYSTEM32>\regsvr32.exe /u /s "<SYSTEM32>\hbcmd.dll"
- <SYSTEM32>\regsvr32.exe /u /s "<SYSTEM32>\HelpIE.dll"
- <SYSTEM32>\91ff.dll
- %WINDIR%\91ff6.cfg
- <SYSTEM32>\891f.dll
- %WINDIR%\891ff.dat
- <SYSTEM32>\ff68.dll
- %WINDIR%\ff68d.jpg
- <SYSTEM32>\1ff6.exe
- %WINDIR%\1ff68.avi
- %TEMP%\nsv4.tmp\System.dll
- %TEMP%\nsv3.tmp
- %TEMP%\bofang.dll
- <SYSTEM32>\67-105-7163
- %WINDIR%\1.tmp
- %TEMP%\lfrmewrk.exe
- %TEMP%\GTIAPI.dll
- %TEMP%\RGInstall.dll
- %TEMP%\hbcmd.dll
- %WINDIR%\1.tmp
- %TEMP%\nsv4.tmp\System.dll
- %TEMP%\RGInstall.dll