Техническая информация
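- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'AdVantage' = '%APPDATA%\advantage\AdVantage.exe' (параметр автозапуска: указанный файл запускается при каждом входе этого пользователя в систему; запись в HKCU не требует прав администратора)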
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\systeminfo.exe' (штатная утилита Windows, выводит сведения о конфигурации системы)
- %APPDATA%\advantage\AdVantage.exe
- %APPDATA%\Microsoft\Sze\hqhmp
- ClassName: ' 1 7851' WindowName: '236773 9 '
- ClassName: ' ' WindowName: '227'
- ClassName: '601' WindowName: '28'
- ClassName: ' ' WindowName: '2282 376'
- ClassName: ' 7 0 ' WindowName: '73 38039'
- ClassName: ' 7 0 ' WindowName: '91 2663 '
- ClassName: 'Indicator' WindowName: ''
- ClassName: '779' WindowName: ' '
- ClassName: ' 7 0 ' WindowName: '2'
- ClassName: '81482031' WindowName: ' 7 0 '
- ClassName: ' 19117' WindowName: '3'
- ClassName: '70 37683' WindowName: '70 37683'
- ClassName: ' 7 0 ' WindowName: '28'
- ClassName: '13 5' WindowName: '13 5'
- ClassName: ' 44' WindowName: '49 '
- ClassName: ' ' WindowName: ' '
- ClassName: '72 ' WindowName: ' 399'
- ClassName: '72 ' WindowName: ' 620 82'
- ClassName: '8717' WindowName: '66 '
- ClassName: '7078 22 ' WindowName: '7078 22 '
- ClassName: ' 638 5' WindowName: ' 998004'