Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\SxSi] 'Start' = '00000002'
- %ALLUSERSPROFILE%\SxSi\rc.exe 200 0
- %ALLUSERSPROFILE%\SxSi\rc.exe 100 2860
- %TEMP%\1.exe
- <SYSTEM32>\msiexec.exe 209 2908
- <SYSTEM32>\svchost.exe 201 0
- <SYSTEM32>\rundll32.exe <SYSTEM32>\shell32.dll,OpenAs_RunDLL %TEMP%\1.pdf
- %ALLUSERSPROFILE%\SxSi\rcdll.dll
- %ALLUSERSPROFILE%\SxS\bug.log
- %ALLUSERSPROFILE%\SxSi\rc.exe
- %TEMP%\1.exe
- %TEMP%\1.pdf
- %ALLUSERSPROFILE%\SxSi\rc.hlp
- %ALLUSERSPROFILE%\SxSi\rcdll.dll
- %ALLUSERSPROFILE%\SxSi\rc.exe
- %ALLUSERSPROFILE%\SxSi\rc.hlp
- %TEMP%\1.exe
- 'ko#.##directme.net':80
- DNS ASK ko#.##directme.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''