Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\AudioSrv] 'Start' = '00000002'
- 'C:\hvmqnj' a -s
- 'C:\INI.exe'
- 'C:\QQмЕОијТЧеУЎПуРЎНјЖ¬.exe'
- <Текущая директория>\rhupoojhg
- C:\SkinH_EL.dll
- %TEMP%\cbpibuiowv.dat
- <SYSTEM32>\utarjxxcqb
- <SYSTEM32>\51e92691.rdb
- C:\hvmqnj
- C:\INI.exe
- C:\QQмЕОијТЧеУЎПуРЎНјЖ¬.exe
- %TEMP%\E_N4\krnln.fnr
- %TEMP%\E_N4\SkinH_EL.dll
- %TEMP%\E_N4\eAPI.fne
- C:\SkinH_EL.dll
- <SYSTEM32>\utarjxxcqb
- <SYSTEM32>\config\SysEvent.Evt
- C:\hvmqnj
- <SYSTEM32>\config\SecEvent.Evt
- C:\hvmqnj10
- <Текущая директория>\rhupoojhg
- <SYSTEM32>\config\AppEvent.Evt
- %TEMP%\cbpibuiowv.dat в %APPDATA%\ACD Systems\ACDSee\Imagehr.ddf
- C:\INI.exe в C:\hvmqnj10
- 'ca#####bixin.3322.org':2200
- DNS ASK ca#####bixin.3322.org
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''