Техническая информация
- '%TEMP%\ama4179.exe'
- '%TEMP%\7z2638CB0C\Setup.exe' ama:install:I'mOmnipotentI'mOmnipresentI'mRoot
- '<SYSTEM32>\find.exe' /S /D /c" ver "
- '<SYSTEM32>\find.exe' /pid=3196
- '<SYSTEM32>\ping.exe' /i "version 6.1."
- '<SYSTEM32>\find.exe' /pid=3044
- '<SYSTEM32>\ping.exe' /pid=3380
- '<SYSTEM32>\find.exe' /pid=756
- '<SYSTEM32>\ping.exe' /pid=3260
- '<SYSTEM32>\find.exe' /pid=3316
- '<SYSTEM32>\find.exe' /pid=2984
- '<SYSTEM32>\find.exe' /i "version 6.1."
- '<SYSTEM32>\find.exe' /i "version 6.0."
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\4.tmp\allmyapps.bat" "
- '<SYSTEM32>\ping.exe' -n 6 127.0.0.1
- '<SYSTEM32>\find.exe' /pid=2864
- '<SYSTEM32>\find.exe' -n 6 127.0.0.1
- '<SYSTEM32>\find.exe' /i "version 5.1."
- '<SYSTEM32>\ping.exe' /S /D /c" ver "
- <SYSTEM32>\find.exe
- <SYSTEM32>\cmd.exe
- <SYSTEM32>\ping.exe
- %TEMP%\nsl3.tmp\newadvsplash.dll
- %TEMP%\nsl3.tmp\splash-screen.gif
- %TEMP%\nsl3.tmp\registry.dll
- %TEMP%\nsl3.tmp\inetc.dll
- %TEMP%\nsl3.tmp\Dialer.dll
- %TEMP%\4.tmp\allmyapps.bat
- %TEMP%\nsl2.tmp
- %TEMP%\7z2638CB0C\Setup.exe
- %TEMP%\Allmyapps.pk
- %TEMP%\ama4179.exe
- %TEMP%\nsl3.tmp\System.dll
- 'ap#.##lmyapps.com':443
- DNS ASK ap#.##lmyapps.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'