Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'iufye' = '%HOMEPATH%\iufye\73175.vbs'
- '%HOMEPATH%\iufye\EKRU.exe' vr.ADN
- '<SYSTEM32>\taskkill.exe' /IM mshta.exe
- '%WINDIR%\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe'
- '<SYSTEM32>\wscript.exe' "%HOMEPATH%\iufye\Vgv.vbs"
- '<SYSTEM32>\mshta.exe'
- %WINDIR%\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
- %HOMEPATH%\iufye\73175.vbs
- %HOMEPATH%\iufye\85068.cmd
- %APPDATA%\Microsoft\Windows\hCA5ofj7\hCA5ofj7.nfo
- %APPDATA%\Microsoft\Windows\hCA5ofj7\hCA5ofj7.svr
- %APPDATA%\Microsoft\Windows\hCA5ofj7\hCA5ofj7.dat
- %HOMEPATH%\iufye\EKRU.exe
- %HOMEPATH%\iufye\XbCUZ.FYP
- %HOMEPATH%\iufye\Vgv.vbs
- %HOMEPATH%\iufye\Bg.FKJ
- %HOMEPATH%\iufye\vr.ADN
- %HOMEPATH%\iufye\85068.cmd
- %HOMEPATH%\iufye\73175.vbs
- %APPDATA%\Microsoft\Windows\hCA5ofj7\hCA5ofj7.nfo
- %APPDATA%\Microsoft\Windows\hCA5ofj7\hCA5ofj7.svr
- %APPDATA%\Microsoft\Windows\hCA5ofj7\hCA5ofj7.dat
- %HOMEPATH%\iufye\EKRU.exe
- %HOMEPATH%\iufye\XbCUZ.FYP
- %HOMEPATH%\iufye\Vgv.vbs
- %HOMEPATH%\iufye\Bg.FKJ
- %HOMEPATH%\iufye\vr.ADN
- %APPDATA%\Microsoft\Windows\hCA5ofj7\hCA5ofj7.svr
- 'cy#####013.no-ip.org':1010
- DNS ASK cy#####013.no-ip.org
- ClassName: '(null)' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'