Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'mssrw' = '%WINDIR%\system\srchost.exe'
- %WINDIR%\system\srchost.exe
- <SYSTEM32>\xcopy.exe "%WINDIR%\system\*.txt2" "%WINDIR%\system\*.exe"
- <SYSTEM32>\rundll32.exe <SYSTEM32>\shimgvw.dll,ImageView_Fullscreen %WINDIR%\asd.jpg
- <SYSTEM32>\reg.exe ADD HKLM\software\microsoft\windows\currentversion\run /v mssrw /d %WINDIR%\system\srchost.exe
- %HOMEPATH%\Recent\asd.lnk
- %HOMEPATH%\Recent\WINDOWS.lnk
- %WINDIR%\system\srchost.exe
- %WINDIR%\system\srchost.txt2
- %WINDIR%\gadu.ini
- %WINDIR%\asd.jpg
- %WINDIR%\system\srchost.txt
- '91.##7.13.13':8074
- '91.##7.13.18':8074
- '91.##7.13.28':8074
- '91.##7.13.25':8074
- '91.##7.13.27':8074
- '91.##7.13.17':8074
- '91.##7.13.26':8074
- '91.#97.13.2':8074
- '91.##7.13.24':8074
- '91.##7.13.12':8074
- '91.##7.13.29':8074
- ClassName: 'ShImgVw:CPreviewWnd' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''