Техническая информация
- %APPDATA%\microsoft\windows\start menu\programs\startup\bit1140.tmp
- %WINDIR%\explorer.exe
- iexplore.exe
- %TEMP%\nsr9ccc.tmp
- %TEMP%\situlacystocele.dll
- %TEMP%\prosody
- %APPDATA%\for\page_1\model82.xml
- %APPDATA%\for\page_1\r2400.xml
- %APPDATA%\for\page_1\microsoftxsldebugproxy.exe
- %APPDATA%\for\page_1\13.opends60.dll
- %TEMP%\donations\decrypted\webdevwebserver.exe
- %TEMP%\donations\decrypted\isabel.xml
- %APPDATA%\identities\{91255d00-95d9-49f5-8e84-7c027f5283b7}\bit81b.tmp
- %TEMP%\mode\thumbs.db\intern\activesyncbootstrap.dll
- %TEMP%\mode\thumbs.db\intern\systemuserleadassignment.xml
- %TEMP%\mode\thumbs.db\intern\permcalc.exe
- %TEMP%\mode\thumbs.db\intern\natdbgdeui.dll
- %TEMP%\mode\thumbs.db\intern\microsoftvisualstudioui.dll
- %TEMP%\2006\35.opends60.dll
- %TEMP%\2006\layertab.xml
- %TEMP%\2006\reportobjectbar.xml
- %TEMP%\2006\x-changelog.xml
- %TEMP%\mode\thumbs.db\intern\vsa7director.dll
- %TEMP%\a670bb59.lnk
- %APPDATA%\identities\{91255d00-95d9-49f5-8e84-7c027f5283b7}\bit81b.tmp
- %APPDATA%\microsoft\windows\start menu\programs\startup\bit1140.tmp
- %APPDATA%\identities\{91255d00-95d9-49f5-8e84-7c027f5283b7}\bit81b.tmp в %APPDATA%\identities\{91255d00-95d9-49f5-8e84-7c027f5283b7}\easeofaccessdialog.exe
- '%WINDIR%\syswow64\rundll32.exe' SitulaCystocele,Hurley
- '%WINDIR%\syswow64\cmd.exe'
- '%WINDIR%\syswow64\cmd.exe' del "%WINDIR%\SysWOW64\cmd.exe"