Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\IbXtBE8] 'Start' = '00000002'
- %PROGRAM_FILES%\MSDN\Thunder7.0.exe
- <SYSTEM32>\svchost.exe -k IbXtBE8
- <SYSTEM32>\rundll32.exe shimgvw.dll,ImageView_Fullscreen "%TEMP%\123796.jpg"
- %WINDIR%\vbcfg.ini
- %PROGRAM_FILES%\MSN\Setup.dll
- %WINDIR%\windows.dat
- <SYSTEM32>\A5qX8c.pic
- %PROGRAM_FILES%\MSDN\Thunder7.0.exe
- %TEMP%\nse2.tmp\System.dll
- %TEMP%\123796.jpg
- %PROGRAM_FILES%\MSDN\Thunder7.0.exe
- %WINDIR%\vbcfg.ini
- %TEMP%\nse2.tmp\System.dll
- %WINDIR%\windows.dat
- 'a2####1.3322.org':8000
- DNS ASK a2####1.3322.org
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'ShImgVw:CPreviewWnd' WindowName: ''