Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\AVP36O] 'Start' = '00000002'
- <SYSTEM32>\36O.exe
- C:\main.exe
- %TEMP%\0909M.exe
- <SYSTEM32>\ping.exe 127.0.0.1 -n 3
- <SYSTEM32>\cmd.exe /c c:\delbc.bat
- <SYSTEM32>\cmd.exe /c ""%TEMP%\Т»јьЗеАнПµНіА¬»шОДјю.bat" "
- <SYSTEM32>\Exmlrpc.fne
- <SYSTEM32>\dp1.fne
- <SYSTEM32>\36O.dll
- <SYSTEM32>\krnln.fnr
- <SYSTEM32>\IJL15.DLL
- <SYSTEM32>\krnln.fne
- %TEMP%\e_4\36Oea9d9.dll
- C:\delbc.bat
- %TEMP%\_eviip.tmp
- <SYSTEM32>\36O.exe
- C:\main.exe
- C:\main.dll
- %TEMP%\0909M.exe
- %TEMP%\Т»јьЗеАнПµНіА¬»шОДјю.bat
- C:\krnln.fnr
- C:\ijl.dat
- %TEMP%\nse3.tmp\System.dll
- C:\exmlrpc.fne
- C:\dp1.fne
- <SYSTEM32>\dp1.fne
- <SYSTEM32>\IJL15.DLL
- <SYSTEM32>\Exmlrpc.fne
- <SYSTEM32>\36O.exe
- <SYSTEM32>\krnln.fnr
- C:\ijl.dat
- C:\dp1.fne
- C:\main.exe
- C:\main.dll
- %TEMP%\0909M.exe
- %TEMP%\nse3.tmp\System.dll
- C:\exmlrpc.fne
- C:\krnln.fnr
- DNS ASK de####n.gnway.net
- ClassName: '' WindowName: ''