Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'u.s.b' = 'rundll32.exe "<SYSTEM32>\msvcr121_clr0400.dll",ScriptPlace'
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\ipconfig.exe' /all
- '<SYSTEM32>\rundll32.exe' "<SYSTEM32>\msvcr121_clr0400.dll",ScriptPlace
- <SYSTEM32>\nnpbz
- <SYSTEM32>\qivxx
- <SYSTEM32>\tmtcs
- <SYSTEM32>\msvcr121_clr0400.tmp
- <SYSTEM32>\treee
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\msvcr121_clr0400.tmp в <SYSTEM32>\msvcr121_clr0400.dll
- '46.#8.63.23':80
- 'localhost':1037
- 46.#8.63.23/include/index.html?oy###
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''