Техническая информация
- %APPDATA%\microsoft\windows\start menu\programs\startup\bit784b.tmp
- %WINDIR%\tasks\msiexec.job
- <SYSTEM32>\tasks\msiexec
- %WINDIR%\syswow64\cmd.exe
- %TEMP%\nsce975.tmp
- %APPDATA%\icq-profile\update\splash_banner\bit6ef8.tmp
- %TEMP%\posterior.dll
- %TEMP%\misery
- %APPDATA%\job\editbin.exe
- %APPDATA%\job\hangul.xml
- %APPDATA%\job\serverlib.dll
- %APPDATA%\job\pgoui.dll
- %APPDATA%\job\mp2.xml
- %APPDATA%\job\x-executable.xml
- %APPDATA%\job\org.gnome.eog.gschema.xml
- %APPDATA%\job\clstencilui.dll
- %APPDATA%\job\player.xml
- %APPDATA%\scans\x-zoo.xml
- %APPDATA%\scans\msddslmp.dll
- %APPDATA%\scans\vswebsiteinterop.dll
- %TEMP%\f5a9f482.lnk
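- %APPDATA%\remcos\logs.dat (судя по имени каталога и файла, это журнал Remcos RAT; предположение стоит подтвердить по другим признакам)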
- %APPDATA%\icq-profile\update\splash_banner\bit6ef8.tmp
- %APPDATA%\microsoft\windows\start menu\programs\startup\bit784b.tmp
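- %APPDATA%\icq-profile\update\splash_banner\bit6ef8.tmp в %APPDATA%\icq-profile\update\splash_banner\msiexec.exe (судя по записи, файл перемещён или переименован; имя msiexec.exe совпадает с именем штатной утилиты Windows Installer, которая обычно находится в системном каталоге, а не в %APPDATA%)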
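- 'pa#####3we4.duckdns.org':1212 (хост и порт 1212; duckdns.org — сервис динамического DNS; символы # в имени, по-видимому, скрывают часть домена, поэтому запись нельзя использовать как точный индикатор)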
- DNS ASK pa#####3we4.duckdns.org (DNS-запрос на разрешение этого имени)
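- '%WINDIR%\syswow64\rundll32.exe' Posterior,Questionaries (rundll32 вызывает экспортируемую функцию Questionaries из библиотеки Posterior; вероятно, это %TEMP%\posterior.dll из списка выше)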
- '%WINDIR%\syswow64\cmd.exe'