Техническая информация
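Автозапуск при входе пользователя в систему (ключ Run в ветке HKCU, права администратора для записи не требуются):
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{382BF783-92E7-5A05-ED0A-316274850DD1}' = '"%APPDATA%\Hyorr\faam.exe"'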
- %APPDATA%\Hyorr\faam.exe
- <SYSTEM32>\ctfmon.exe
- %WINDIR%\Explorer.EXE
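Изменения параметров зон безопасности Internet Explorer для текущего пользователя (значение 0 означает «разрешить»; 1406 — доступ к источникам данных за пределами домена, 1609 — отображение смешанного содержимого; зоны 0–4 — «Мой компьютер», местная интрасеть, надёжные узлы, Интернет, ограниченные узлы):
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1609' = '00000000'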
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1406' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4] '1609' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4] '1406' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1] '1406' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0] '1609' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1609' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1] '1609' = '00000000'
- %APPDATA%\Ibitot\asob.cei
- %TEMP%\tmp3be08e55.bat
- %APPDATA%\Hyorr\faam.exe
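Сетевые обращения (символ «#» в IP-адресе, по-видимому, намеренно скрывает часть октета в источнике, поэтому для поиска по журналам адрес нужно сопоставлять по маске, а не как точное значение):
- '74.#3.44.42':80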
- 74.#3.44.42/~heheheyo/forum/forum.bin
- ClassName: 'Indicator' WindowName: ''