Техническая информация
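Записи реестра для служб (значение 'Start' = 2 означает автоматический запуск службы при загрузке системы; BITS — штатная служба Windows, а служба с именем Dreamweaver к стандартным службам Windows не относится):
- [<HKLM>\SYSTEM\ControlSet001\Services\Dreamweaver] 'Start' = '00000002'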
- [<HKLM>\SYSTEM\ControlSet001\Services\BITS] 'Start' = '00000002'
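Пути к файлам в файловой системе. Заголовки подразделов в тексте утрачены, поэтому по списку нельзя определить, какие файлы запускаются, создаются или удаляются; повторяющиеся пути, вероятно, относились к разным подразделам:
- '%TEMP%\雷战士[神猫在线].exe'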
- '%CommonProgramFiles%\Microsoft Shared\MSInfo\Hider.exe'
- '%TEMP%\1.exe'
- '%TEMP%\2.exe'
- <SYSTEM32>\Romdtmy.dll
- %CommonProgramFiles%\Microsoft Shared\MSInfo\Hider.exe
- <SYSTEM32>\d3d9caps.dat
- %TEMP%\1.exe
- %TEMP%\2.exe
- %TEMP%\雷战士[神猫在线].exe
- %CommonProgramFiles%\Microsoft Shared\MSInfo\Hider.exe
- %TEMP%\2.exe
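Сетевая активность (узел и порт, затем DNS-запросы). Символы «#» в имени узла — по-видимому, маскировка части имени в исходном отчёте:
- 'any':8080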
- 'any':8010
- 'xt####1981.eicp.net':8080
- 'xt####1981.eicp.net':8010
- DNS ASK .#.
- DNS ASK xt####1981.eicp.net
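Классы окон (ClassName) и заголовки окон (WindowName); вероятно, это окна, которые программа ищет в системе:
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'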
- ClassName: 'MS_WINHELP' WindowName: '(null)'
- ClassName: 'TAppBuilder' WindowName: '(null)'
- ClassName: 'SysListView32' WindowName: '(null)'