Техническая информация
- %TEMP%\407dc.tmp.lnk
- '<SYSTEM32>\Xncnscosz.exe'
- 'C:\РЎД§Е®.exe'
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\cmd.exe' /c "c:\РЎД§Е®.exe_And xMe.bat"
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\shimgvw.dll,ImageView_Fullscreen C:\№ю№ю№ю№ю.gif
- %TEMP%\2b2ac.tmp
- %TEMP%\BClib\krnln.fnr
- C:\РЎД§Е®.exe_And xMe.bat
- <SYSTEM32>\Xncnscosz.dll
- %TEMP%\BClib\krnln.fne
- %TEMP%\407dc.tmp.lnk
- %TEMP%\BClib\dp1.fne
- %TEMP%\BClib\Exmlrpc.fne
- %HOMEPATH%\Recent\Local Disk (C).lnk
- %TEMP%\nsy2.tmp\System.dll
- %TEMP%\E_4\krnln.fnr
- C:\РЎД§Е®.exe
- C:\№ю№ю№ю№ю.gif
- <SYSTEM32>\Xncnscosz.exe
- %HOMEPATH%\Recent\№ю№ю№ю№ю.lnk
- %TEMP%\E_4\Exmlrpc.fne
- %TEMP%\E_4\dp1.fne
- %TEMP%\nsy2.tmp\System.dll
- %TEMP%\2b2ac.tmp в %TEMP%\2b2ac.tmp2
- 'qq####9600.3322.org':19820
- DNS ASK qq####9600.3322.org
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'ShImgVw:CPreviewWnd' WindowName: ''