Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\jgaw4001640] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы)
- <SYSTEM32>\rundll32.exe "%CommonProgramFiles%\Microsoft Shared\MSInfo\jgaw4001640.dll",ServiceBoot
- <SYSTEM32>\wscript.exe ""%TEMP%\65f0_51bd.vbs"" //B //Nologo
- %CommonProgramFiles%\Microsoft Shared\MSInfo\RCX2.tmp
- %CommonProgramFiles%\Microsoft Shared\MSInfo\jgaw4001640.ini
- %TEMP%\65f0_51bd.vbs
- %CommonProgramFiles%\Microsoft Shared\MSInfo\jgaw4001640.dll
- %TEMP%\47fb_3a.dll
- %TEMP%\RCX1.tmp
- %ALLUSERSPROFILE%\DebugLog.log
- %TEMP%\65f0_51bd.vbs
- %CommonProgramFiles%\Microsoft Shared\MSInfo\jgaw4001640.ini
- %TEMP%\47fb_3a.dll
- %CommonProgramFiles%\Microsoft Shared\MSInfo\jgaw4001640.dll
- '17#.#34.184.45':53
- ClassName: 'Shell_TrayWnd' WindowName: '' (класс окна панели задач Windows)