Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ctfmon.exe' = '<SYSTEM32>\ctfmon.exe'
- '%WINDIR%\icon.dll'
- '<SYSTEM32>\ctfmon.exe'
- '%WINDIR%\explorer.exe'
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\kill.bat" "
- %WINDIR%\AutiShutDown.dll
- %WINDIR%\cockerel.com
- %WINDIR%\HideProcess.dll
- %HOMEPATH%\Desktop\XEP2007.lnk
- %HOMEPATH%\Desktop\X2004.lnk
- %WINDIR%\XEP2007.exe
- %WINDIR%\icon.dll
- %WINDIR%\cockerel.dll
- %WINDIR%\hackerxfiles.url
- %WINDIR%\X2004.exe
- %WINDIR%\kill.bat
- %WINDIR%\cockerel.com
- %WINDIR%\XEP2007.exe
- %WINDIR%\HideProcess.dll
- %WINDIR%\AutiShutDown.dll
- %WINDIR%\X2004.exe
- %WINDIR%\icon.dll
- %WINDIR%\cockerel.dll
- %WINDIR%\kill.bat
- %WINDIR%\hackerxfiles.url
- ClassName: 'OleMainThreadWndClass' WindowName: '(null)'
- ClassName: 'SysListView32' WindowName: '(null)'
- ClassName: 'CSCHiddenWindow' WindowName: '(null)'
- ClassName: 'SystemTray_Main' WindowName: '(null)'
- ClassName: 'BaseBar' WindowName: 'ChanApp'
- ClassName: 'EDIT' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'Proxy Desktop' WindowName: '(null)'
- ClassName: 'Indicator' WindowName: '(null)'