Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Heyddv Jwnripmv Cxl] 'Start' = '00000002'
- '%WINDIR%\Temp\201175231442.exe'
- '%WINDIR%\Temp\201175231440.exe'
- '<SYSTEM32>\svchost.exe' -k imgsvc
- '<SYSTEM32>\svchost.exe' -k netsvcs
- C:\NT_Path.old
- C:\Net-Temp.ini
- %PROGRAM_FILES%\Bmwi\Irerkgyva.bmp
- %WINDIR%\Temp\201175231440.exe
- %WINDIR%\Temp\201175231442.exe
- %WINDIR%\temp372200.dll
- %PROGRAM_FILES%\Bmwi\Irerkgyva.bmp
- %WINDIR%\Temp\201175231440.exe
- %WINDIR%\temp372200.dll
- C:\Net-Temp.ini
- C:\NT_Path.old
- 'ga####n324.3322.org':8900
- DNS ASK ga####n324.3322.org
- ClassName: 'Shell_TrayWnd' WindowName: ''