Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Windsjrq] 'Start' = '00000002'
- '<SYSTEM32>\svchost.exe' -k netsvcs
- ClassName: 'OLLYDBG' WindowName: '(null)'
- %WINDIR%\FuckYou.reg
- %TEMP%\wi179468nd.temp
- %WINDIR%\FuckYou.txt
- %TEMP%\$$$$$$$$.{D6277990-4C6A-11CF-8D87-00AA0060F5BF}\E774\ $$$2\com1.{21EC2020-3AEA-1069-A2DD-08002B30309D}\{FECF17F6-6AC8-47F0-A1BE-B60164AE755F}
- %WINDIR%\MyInformations.ini
- %WINDIR%\MyInformations.ini
- %WINDIR%\FuckYou.reg
- %WINDIR%\FuckYou.txt
- %TEMP%\wi179468nd.temp в <SYSTEM32>\Winds.dll
- 'zj#####40.cdu028.com':3322
- DNS ASK zj#####40.cdu028.com
- ClassName: 'TDeDeMainWindow' WindowName: '(null)'
- ClassName: 'ACPU' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'TRW2000 for Windows 9x'
- ClassName: '(null)' WindowName: 'TWX2002 for Windows 9x'
- ClassName: '(null)' WindowName: 'RegmonClass'