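Техническая информация
(Примечание: символы «###» в именах доменов, по-видимому, скрывают часть адреса в исходном отчёте, а знаки «?» в заголовках окон — символы, утраченные при перекодировке; такие значения нельзя использовать как точные индикаторы без восстановления.)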
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'MsAudio' = '<SYSTEM32>\explorer.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'MsAudio' = '%WINDIR%\MsVM_STI.EXE RunDll32 cmicnfg.cpl,CMICtrlWnd'
- %WINDIR%\MsVM_STI.EXE
- <SYSTEM32>\cmd.exe /c <Текущая директория>\$$a$$.bat
- <Текущая директория>\$$a$$.bat
- <SYSTEM32>\explorer.exe
- %WINDIR%\MsVM_STI.EXE
- 'www.us###ges.com':80
- www.us###ges.com/sss163/updata.html
- DNS ASK www.us###ges.com
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'OWL_Window' WindowName: ''
- ClassName: 'TApplication' WindowName: 'Legend of Mir'
- ClassName: 'D3D Window' WindowName: 'YB_OnlineClient'
- ClassName: 'ODINGAME_ONLINE' WindowName: '??????????OnLine'
- ClassName: 'TSpyMain' WindowName: ''
- ClassName: '' WindowName: 'eXpLoRer'
- ClassName: '' WindowName: 'WinHex'
- ClassName: '' WindowName: 'WPE PRO'
- ClassName: 'TForm1' WindowName: '???????????? ??????(??????)'
- ClassName: 'TFormMain' WindowName: 'Visual Sniffer'