Technical information
- Command-line interpreter (CMD)
- Task Manager (Taskmgr)
- Registry Editor (RegEdit)
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoRun' = '00000001'
- %HOMEPATH%\desktop\contosoroot_1.cer
- %HOMEPATH%\desktop\uep_form_786_bulletin_1726i602.doc
- %HOMEPATH%\desktop\trivial-merge.htm
- %LOCALAPPDATA%\google\chrome\user data\default\login data
- %LOCALAPPDATA%\google\chrome\user data\default\cookies
- 'di##ord.com':443
- DNS ASK di##ord.com