Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7e56d997-460a-4ba6-8707-1fb00bbf5e60}]
- %TEMP%\4e285528\ZHePjd18Yo5bgoA.dat
- %TEMP%\4e285528\triPSD00L126I6.dll
- %TEMP%\4e285528\triPSD00L126I6.tlb
- %TEMP%\4e285528\triPSD00L126I6.x64.dll
- %ProgramFiles%\GoSavea\triPSD00L126I6.dll
- %ProgramFiles%\GoSavea\triPSD00L126I6.tlb
- %ProgramFiles%\GoSavea\triPSD00L126I6.dat
- %ProgramFiles%\GoSavea\triPSD00L126I6.x64.dll
- %ALLUSERSPROFILE%\Application Data\GoSavea\ZHePjd18Yo5bgoA.exe
- %ALLUSERSPROFILE%\Application Data\GoSavea\ZHePjd18Yo5bgoA.dat
- %ALLUSERSPROFILE%\Application Data\6e958a80feb239af\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20180615145822
- %TEMP%\4e285528\ZHePjd18Yo5bgoA.dat
- %TEMP%\4e285528\triPSD00L126I6.dll
- %TEMP%\4e285528\triPSD00L126I6.tlb
- %TEMP%\4e285528\triPSD00L126I6.x64.dll
- '<SYSTEM32>\regsvr32.exe' /s "%ProgramFiles%\GoSavea\triPSD00L126I6.x64.dll"