Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\WinImapi] 'Start' = '00000002'
- '%WINDIR%\Temp\tmp.exe'
- '%TEMP%\temp2.exe'
- %TEMP%\171359_res.tmp
- %WINDIR%\xpsp2res.dll
- <SYSTEM32>\WinImapils.exe
- %WINDIR%\Temp\tmp.exe
- %TEMP%\temp2.exe
- %TEMP%\Survey.doc
- %WINDIR%\170796.tmp
- %TEMP%\170796_res.tmp
- %WINDIR%\170796.tmp
- %WINDIR%\xpsp2res.dll в %WINDIR%\recyclersy3.tmp
- %TEMP%\171359_res.tmp в %WINDIR%\Temp\tmp.exe
- %TEMP%\170796_res.tmp в %WINDIR%\170796.tmp
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'WordPadClass' WindowName: '(null)'