Техническая информация
- Автозапуск через ключ реестра, компоненты из которого загружает explorer.exe: [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] '{C4560D12-CE25-4A2E-A5D4-B5070FCBE282}' = 'csiddll'
- '<SYSTEM32>\pipi_211_115.exe'
- '<SYSTEM32>\cpa_1.exe'
- '%WINDIR%\explorer.exe'
- '<SYSTEM32>\cmd.exe' /c 375519961O57540.bat
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\iccy450.dll
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\taoba_1.dll
- <SYSTEM32>\pipi_211_115.exe_2
- <SYSTEM32>\pipi_211_115.exe_0
- <SYSTEM32>\pipi_211_115.exe
- <Текущая директория>\57540.aqq
- <Текущая директория>\375519961O57540.bat
- <SYSTEM32>\taoba_1.dll
- <SYSTEM32>\iccy450.dll
- <SYSTEM32>\cpa_1.exe
- <SYSTEM32>\pipi_211_115.exe_3
- <SYSTEM32>\pipi_211_115.exe_1
- <SYSTEM32>\pipi_211_115.exe_3
- <Текущая директория>\57540.aqq
- <SYSTEM32>\pipi_211_115.exe_2
- <SYSTEM32>\pipi_211_115.exe_0
- <SYSTEM32>\pipi_211_115.exe_1
- '20#.#02.234.116':80
- 20#.#02.234.116 — http://202.102.234.116/files/pipi_211_115.exe
- ClassName: 'SystemTray_Main' WindowName: '(null)'
- ClassName: 'CSCHiddenWindow' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'Proxy Desktop' WindowName: '(null)'
- ClassName: 'BaseBar' WindowName: 'ChanApp'
- ClassName: 'SysListView32' WindowName: '(null)'