Техническая информация
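- [<HKLM>\SYSTEM\ControlSet001\Services\WinRAR °ж±ѕ 3.93] 'Start' = '00000002'
  (имя службы приведено так, как оно отображается в кодировке Windows-1251; те же байты в GBK читаются как «版本», то есть на системах с китайской локалью ключ, по-видимому, выглядит как «WinRAR 版本 3.93» — при поиске по реестру стоит проверять оба варианта; 'Start' = 2 означает автоматический запуск службы при загрузке системы)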
- '%PROGRAM_FILES%\WinRAR\UnRAR.exe'
- '%PROGRAM_FILES%\windows\temp\1.exe'
- '<SYSTEM32>\mspaint.exe' -Embedding
- '<SYSTEM32>\svchost.exe' -k imgsvc
- '%WINDIR%\explorer.exe' 2.bmp
- '<SYSTEM32>\cmd.exe' /c <SYSTEM32>\Deleteme.bat
- %PROGRAM_FILES%\WinRAR\UnRAR.exe
- <SYSTEM32>\Deleteme.bat
- %PROGRAM_FILES%\windows\temp\2.bmp
- %PROGRAM_FILES%\windows\temp\1.exe
- %PROGRAM_FILES%\WinRAR\UnRAR.exe
- %PROGRAM_FILES%\windows\temp\1.exe
- 'by###.gicp.net':7007
- DNS ASK by###.gicp.net
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'