Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'd72j5vwh7d8' = '\DOCUME~1\%USERNAME%\d72j5vwh7d8\fbaajyanha.vbs'
- '%HOMEPATH%\d72j5vwh7d8\nsvcrqiepsh.exe' mdsdfrx.QJM
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe'
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- %HOMEPATH%\d72j5vwh7d8\tmujdjtc.cmd
- %HOMEPATH%\d72j5vwh7d8\fbaajyanha.vbs
- %HOMEPATH%\d72j5vwh7d8\run.vbs
- %HOMEPATH%\d72j5vwh7d8\sowfknm.HKO
- %HOMEPATH%\d72j5vwh7d8\wxsyijf.GAE
- %HOMEPATH%\d72j5vwh7d8\nsvcrqiepsh.exe
- %HOMEPATH%\d72j5vwh7d8\mdsdfrx.QJM
- %HOMEPATH%\d72j5vwh7d8\sowfknm.HKO
- %HOMEPATH%\d72j5vwh7d8\fbaajyanha.vbs
- %HOMEPATH%\d72j5vwh7d8\tmujdjtc.cmd
- %HOMEPATH%\d72j5vwh7d8\wxsyijf.GAE
- %HOMEPATH%\d72j5vwh7d8\nsvcrqiepsh.exe
- %HOMEPATH%\d72j5vwh7d8\mdsdfrx.QJM
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''