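Техническая информация (записи перечислены без подзаголовков: пути к файлам, командные строки запуска, сетевые адреса, DNS-запросы и класс окна)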
- %WINDIR%\Tasks\At1.job
- %TEMP%\1651123491.bin
- %TEMP%\is-DCQBF.tmp\1651123491.tmp /SL5="$400DC,1298327,53248,%TEMP%\1651123491.bin"
- %TEMP%\191612895.tmp "%TEMP%\85216748.bin"
- %TEMP%\3270115654.tmp "%TEMP%\85216748.bin"
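- <SYSTEM32>\at.exe 03:05 /every:2,5,8,11,14,17,20,23,26,29 "<SYSTEM32>\rregsvr32.exe" (задание планировщика at.exe: запуск в 03:05 по перечисленным числам месяца; имя rregsvr32.exe с двойной «r» совпадает с файлом из списка ниже и отличается от штатной утилиты regsvr32.exe)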
- %TEMP%\is-DCQBF.tmp\1651123491.tmp
- %TEMP%\1651123491.bin
- %TEMP%\is-P4INJ.tmp\_isetup\_RegDLL.tmp
- %TEMP%\is-P4INJ.tmp\isxdl.dll
- %TEMP%\is-P4INJ.tmp\_isetup\_shfoldr.dll
- %TEMP%\85216748.bin
- %TEMP%\191612895.tmp
- %TEMP%\3270115654.tmp
- <SYSTEM32>\rregsvr32.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\google[1]
- %TEMP%\85216748.bin
- %TEMP%\3270115654.tmp
- %TEMP%\191612895.tmp
- '74.##5.232.51':80
- 'localhost':1036
- 74.##5.232.51/
- DNS ASK kw###ame.com
- DNS ASK google.com
- ClassName: 'Shell_TrayWnd' WindowName: ''