Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] '972nt6c64w679' = '%HOMEPATH%\972nt6c64w679\27124.vbs'
- '%HOMEPATH%\972nt6c64w679\HcDfvvKQ.exe' yTPdMnZP.PCY
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe'
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- %HOMEPATH%\972nt6c64w679\YidNWXeE.WJN
- %HOMEPATH%\972nt6c64w679\99307.cmd
- %HOMEPATH%\972nt6c64w679\27124.vbs
- %HOMEPATH%\972nt6c64w679\MmDJIdws.HHI
- %HOMEPATH%\972nt6c64w679\HcDfvvKQ.exe
- %HOMEPATH%\972nt6c64w679\yTPdMnZP.PCY
- %HOMEPATH%\972nt6c64w679\YidNWXeE.WJN
- %HOMEPATH%\972nt6c64w679\27124.vbs
- %HOMEPATH%\972nt6c64w679\99307.cmd
- %HOMEPATH%\972nt6c64w679\MmDJIdws.HHI
- %HOMEPATH%\972nt6c64w679\HcDfvvKQ.exe
- %HOMEPATH%\972nt6c64w679\yTPdMnZP.PCY
- 'sm##.gmail.com':587
- DNS ASK sm##.gmail.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'