Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Defghi Klmnopqr Tuv] 'Start' = '00000002'
- '%WINDIR%\Temp\khkjlklklklkjjj.exe'
- '%WINDIR%\Temp\wufa.exe'
- '<SYSTEM32>\svchost.exe' -k imgsvc
- '<SYSTEM32>\svchost.exe' -k netsvcs
- C:\NT_Path.jpg
- C:\2400800.dll
- %PROGRAM_FILES%\Iefg\Nefghijkl.pic
- C:\Net-Temp.ini
- %WINDIR%\Temp\wufa.exe
- %WINDIR%\Temp\3306И«ЧФ¶ЇЙЁГиИХЙЁЗ§Ц»ј¦.rar
- %WINDIR%\Temp\www.ico.la_45_128X128_1371673933.ico
- %WINDIR%\Temp\khkjlklklklkjjj.exe
- %PROGRAM_FILES%\Iefg\Nefghijkl.pic
- %WINDIR%\Temp\khkjlklklklkjjj.exe
- C:\2400800.dll
- C:\Net-Temp.ini
- C:\NT_Path.jpg
- '99####324.f3322.org':8000
- DNS ASK 99####324.f3322.org
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'