Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\sms] 'Start' = '00000002'
- 'C:\main.exe'
- '<SYSTEM32>\sms.exe'
- 'C:\dogcheck.exe'
- 'C:\duli.exe'
- '<SYSTEM32>\cmd.exe' /c c:\dvxzmfe.bat
- <SYSTEM32>\sms.dll
- <SYSTEM32>\krnln.fnr
- <SYSTEM32>\sms.exe
- %WINDIR%\Fonts\923b121cbf9254a317b6bf4764c7a160.dat
- <SYSTEM32>\Exmlrpc.fne
- %TEMP%\_eviip.tmp
- <SYSTEM32>\krnln.fne
- <SYSTEM32>\dp1.fne
- C:\dvxzmfe.bat
- C:\main.exe
- %TEMP%\{12913629-1EF8-4B47-95FC-F310BF4C1DA8}.sui
- C:\dogcheck.exe
- C:\duli.exe
- C:\main.dll
- C:\dp1.fne
- %TEMP%\nsy3.tmp\System.dll
- C:\krnln.fnr
- C:\exmlrpc.fne
- <SYSTEM32>\sms.exe
- C:\dp1.fne
- C:\exmlrpc.fne
- C:\main.exe
- C:\main.dll
- %TEMP%\nsy3.tmp\System.dll
- %TEMP%\{12913629-1EF8-4B47-95FC-F310BF4C1DA8}.sui
- C:\krnln.fnr
- C:\duli.exe
- 'sh####li.3322.org':19820
- 'sh####li.51vip.biz':19820
- DNS ASK sh####li.3322.org
- DNS ASK sh####li.51vip.biz
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''