Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Loihmw Kxjhncpg Pnc] 'Start' = '00000002'
- 'C:\LemonEngine.exe'
- 'C:\haemaБЯ±№ѕІ·№µеЖДАП.exe'
- '<SYSTEM32>\svchost.exe' -k imgsvc
- '<SYSTEM32>\svchost.exe' -k netsvcs
- C:\NT_Path.old
- C:\Net-Temp.ini
- %PROGRAM_FILES%\Wfbj\Hgcpqcdvb.jpg
- C:\haemaБЯ±№ѕІ·№µеЖДАП.exe
- C:\LemonEngine.exe
- %WINDIR%\temp2996000.dll
- C:\haemaБЯ±№ѕІ·№µеЖДАП.exe
- %WINDIR%\temp2996000.dll
- C:\Net-Temp.ini
- C:\NT_Path.old
- 'sq###056.oa.to':6969
- DNS ASK sq###056.oa.to
- ClassName: 'Shell_TrayWnd' WindowName: ''