Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'w23w38c439r21' = '%HOMEPATH%\w23w38c439r21\39952.vbs'
- %APPDATA%\Microsoft\windows\Start Menu\programs\startup\start.lnk
- скрытых файлов
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoFolderOptions' = '00000001'
- %WINDIR%\microsoft.net\framework\v2.0.50727\regsvcs.exe
- %HOMEPATH%\w23w38c439r21\wvsfe.snl
- %HOMEPATH%\w23w38c439r21\zkbnfdu.exe
- %HOMEPATH%\w23w38c439r21\vowcg.iuv
- %HOMEPATH%\w23w38c439r21\ndec.hhc
- %HOMEPATH%\w23w38c439r21\00.-kлубныеновинкиvol.396fromagr(2014)mp3,320kbps.png
- %HOMEPATH%\w23w38c439r21\32015.cmd
- %HOMEPATH%\w23w38c439r21\39952.vbs
- %HOMEPATH%\w23w38c439r21\run.vbs
- %APPDATA%\imlgs\12-10-2019
- %HOMEPATH%\w23w38c439r21\wvsfe.snl
- %HOMEPATH%\w23w38c439r21\zkbnfdu.exe
- %HOMEPATH%\w23w38c439r21\vowcg.iuv
- %HOMEPATH%\w23w38c439r21\ndec.hhc
- %HOMEPATH%\w23w38c439r21\39952.vbs
- %HOMEPATH%\w23w38c439r21\32015.cmd
- %APPDATA%\Microsoft\windows\Start Menu\programs\startup\start.lnk
- DNS ASK 16####21.no-ip.org
- ClassName: 'EDIT' WindowName: ''
- '%HOMEPATH%\w23w38c439r21\zkbnfdu.exe' vowcg.IUV
- '%WINDIR%\microsoft.net\framework\v2.0.50727\regsvcs.exe'