Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'sefa' = '"%PROGRAM_FILES%\sefa.exe"'
- <SYSTEM32>\calc.exe
- <SYSTEM32>\calc.exe
- %CommonProgramFiles%\Microsoft Shared\MSInfo\ssefa.exe
- %PROGRAM_FILES%\sefa.exe
- %PROGRAM_FILES%\2010.txt
- %CommonProgramFiles%\Microsoft Shared\MSInfo\ssefa.exe
- %PROGRAM_FILES%\sefa.exe
- %PROGRAM_FILES%\2010.txt
- 'li####e888.3322.org':8181
- DNS ASK li####e888.3322.org
- ClassName: 'Tlivelihood' WindowName: ''
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'TAppBuilder' WindowName: ''