Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '' = '%WINDIR%\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\WaCdAENDWXaI.lnk
- '%WINDIR%\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe'
- '%APPDATA%\GTge.exe' "%APPDATA%\deZQA.au3"
- %WINDIR%\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
- %APPDATA%\deZQA.au3
- %APPDATA%\GTge.exe
- %HOMEPATH%\g7skqL4uMD9dMPWn\GTge.exe
- %HOMEPATH%\g7skqL4uMD9dMPWn\deZQA.au3
- %APPDATA%\GTge.exe в %HOMEPATH%\g7skqL4uMD9dMPWn\GTge.exe
- %APPDATA%\deZQA.au3 в %HOMEPATH%\g7skqL4uMD9dMPWn\deZQA.au3
- '<L###LNET>.0.2':4333
- 'la###ost.net':4333
- DNS ASK la###ost.net
- ClassName: 'Shell_TrayWnd' WindowName: ''