Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{6449E13B-3AC7-4912-1D57-F3007C0D7C45}] 'stubpath' = ''
- <SYSTEM32>\Microsoft\AlphaCryptUpdate3_15_Classic.exe
- <SYSTEM32>\Microsoft\alg.EXE
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:"%TEMP%\RES2.tmp"" ""%TEMP%\vbc1.tmp""
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\vbc.exe /noconfig @"%TEMP%\rforieid.cmdline"
- %WINDIR%\Explorer.EXE
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE
- %TEMP%\vbc1.tmp
- %TEMP%\rforieid.out
- %TEMP%\RES2.tmp
- %WINDIR%\Neet\Player.exe
- %TEMP%\rforieid.dll
- <SYSTEM32>\Microsoft\alg.EXE
- %TEMP%\sfx.ini
- <SYSTEM32>\Microsoft\AlphaCryptUpdate3_15_Classic.exe
- %TEMP%\rforieid.cmdline
- %TEMP%\rforieid.0.vb
- %WINDIR%\Neet\Player.exe
- %TEMP%\rforieid.cmdline
- %TEMP%\rforieid.out
- %TEMP%\rforieid.dll
- %TEMP%\rforieid.0.vb
- %TEMP%\sfx.ini
- %TEMP%\RES2.tmp
- %TEMP%\vbc1.tmp
- 'localhost':81
- 'dj####aa.no-ip.biz':81
- DNS ASK dj####aa.no-ip.biz
- ClassName: 'Shell_TrayWnd' WindowName: ''