Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\Rsausm eesmmimo] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Rsausm eesmmimo] 'ImagePath' = '%ProgramFiles(x86)%\Microsoft Sqssus\Meqwqw.exe'
- %TEMP%\install_129.204.112.158_v2.exe
- %ProgramFiles(x86)%\microsoft sqssus\meqwqw.exe
- C:\ezdun.ini
- %ProgramFiles(x86)%\microsoft sqssus\meqwqw.exe
- %TEMP%\install_129.204.112.158_v2.exe в %WINDIR%\syswow64\1028781.bak
- '11#.#90.215.209':81
- '%TEMP%\install_129.204.112.158_v2.exe'
- '%ProgramFiles(x86)%\microsoft sqssus\meqwqw.exe'
- '%ProgramFiles(x86)%\microsoft sqssus\meqwqw.exe' Win7
- '%TEMP%\install_129.204.112.158_v2.exe' ' (со скрытым окном)