Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'bz5F2eppnt' = '<LS_APPDATA>\p2Nf4p0TNwy\bz5F2eppnt.exe'
- [<HKLM>\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'SystemDiagnostics' = '%APPDATA%\svhost .exe'
- Диспетчера задач (Taskmgr)
- %WINDIR%\explorer.exe
- %TEMP%\xcoca.ine
- <LS_APPDATA>\p2nf4p0tnwy\bz5f2eppnt.exe
- %APPDATA%\svhost .exe
- %TEMP%\xcoca.ine в %TEMP%\svchost.exe
- %TEMP%\xcoca.ine
- ClassName: 'Progman' WindowName: ''
- ClassName: 'Proxy Desktop' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '%APPDATA%\svhost .exe'
- '%WINDIR%\syswow64\cmd.exe'
- '%WINDIR%\explorer.exe'