Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Ebmoteme] 'Start' = '00000002'
- <SYSTEM32>\Qoniak.exe
- %PROGRAM_FILES%\Company\ChaosOne.exe\ChaosOne.exe
- %PROGRAM_FILES%\Company\ChaosOne.exe\NextStudy.exe
- <SYSTEM32>\svchost.exe -k Fynusepoal
- <SYSTEM32>\cmd.exe /c ""%TEMP%\_uninsep.bat" "
- <SYSTEM32>\Qoniak.exe
- %PROGRAM_FILES%\Company\ChaosOne.exe\temp1234.dat
- %TEMP%\_uninsep.bat
- <SYSTEM32>\Mipaiqhuhyh.dll
- <SYSTEM32>\golfinfo.ini
- %PROGRAM_FILES%\Company\ChaosOne.exe\Uninstall.ini
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- %PROGRAM_FILES%\Company\ChaosOne.exe\NextStudy.exe
- %PROGRAM_FILES%\Company\ChaosOne.exe\Uninstall.exe
- %PROGRAM_FILES%\Company\ChaosOne.exe\ChaosOne.exe
- %PROGRAM_FILES%\Company\ChaosOne.exe\NextStudy.exe
- <SYSTEM32>\Qoniak.exe
- %PROGRAM_FILES%\Company\ChaosOne.exe\temp1234.dat
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- '12#.#54.231.131':11180
- '27.##5.205.36':11100
- ClassName: 'Warcraft III' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''