Техническая информация
- '<SYSTEM32>\schtasks.exe' /Delete /TN "Update\ES32" /F
- '<SYSTEM32>\schtasks.exe' /Create /TN "Update\ES32" /XML "%TEMP%\684748956.xml"
- '%ALLUSERSPROFILE%\Application Data\Keygen.exe'
- '%APPDATA%\ES32.exe'
- <LS_APPDATA>\SkinSoft\VisualStyler\2.3.3.3\x86\ssapihook.dll
- %TEMP%\684748956.xml
- %APPDATA%\Imminent\Logs\27-07-2016
- %TEMP%\Temp_Skin.vssf
- %ALLUSERSPROFILE%\Application Data\Keygen.exe
- %APPDATA%\ES32.exe
- %TEMP%\SkinSoft.VisualStyler.dll
- %TEMP%\684748956.xml
- 'r3##.ddns.net':333
- DNS ASK r3##.ddns.net
- ClassName: 'Edit' WindowName: ''
- ClassName: 'ComboLBox' WindowName: ''
- ClassName: '.NET-BroadcastEventWindow.2.0.0.0.33c0d9d.0' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''