Техническая информация
Параметры в ключах автозапуска Run (HKCU и HKLM); указанный в них файл запускается при входе пользователя в систему:
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'dvqim.exe' = '"%ALLUSERSPROFILE%\Application Data\dvqim.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'dvqim.exe' = '"%ALLUSERSPROFILE%\Application Data\dvqim.exe"'
- '<SYSTEM32>\runas.exe'
- <SYSTEM32>\ctfmon.exe
- <SYSTEM32>\runas.exe
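Имена процессов (судя по именам — компоненты антивирусов avast! и 360, а также клиенты игр Age of Conan и Aion); что именно выполняется с этими процессами, в сохранившемся тексте не указано:
- ash.exe
- ashAvast.exe
- ashAvSrv.exe
- 360tray.exe
- ageofconan.exe
- aion.exe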
Параметры зон безопасности Internet Explorer (зоны 0–4): 1406 — доступ к источникам данных за пределами домена, 1609 — отображение смешанного содержимого; значение 0 соответствует варианту «Разрешить», то есть для этих действий защита в перечисленных зонах ослаблена:
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1609' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1406' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4] '1609' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4] '1406' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1] '1406' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0] '1609' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1609' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1] '1609' = '00000000'
- %ALLUSERSPROFILE%\Application Data\117936955e9845.dat
- %ALLUSERSPROFILE%\Application Data\dvqim.exe
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'shell_traywnd' WindowName: ''