Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{130AF631-47B8-244C-4D13-848DE7161E37}] 'StubPath' = '<SYSTEM32>:runas.exe'
- '<SYSTEM32>\text.exe'
- '<SYSTEM32>\cmd.exe' /c ""<SYSTEM32>\acgimnrsx.bat" "
- %WINDIR%\Explorer.EXE
- msnmsgr.exe
- <SYSTEM32>:runas.exe
- <SYSTEM32>\acgimnrsx.bat
- <SYSTEM32>\text.exe
- <SYSTEM32>\randy as fuck Vid.wmv
- <SYSTEM32>\text.exe
- 'do###.#hickenkiller.com':80
- 'localhost':3460
- DNS ASK do###.#hickenkiller.com
- ClassName: 'WMPlayerApp' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'
- ClassName: 'Type32_Main_Window' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'ReBarWindow32' WindowName: ''
- ClassName: 'WMP9DeskBand' WindowName: 'WMP9DeskBand'