Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'AdVantage' = '%APPDATA%\advantage\AdVantage.exe'
- <SYSTEM32>\systeminfo.exe
- %APPDATA%\advantage\AdVantage.exe
- %APPDATA%\Microsoft\Sze\hqhmp
- ClassName: ' 40' WindowName: '0 2 1'
- ClassName: ' 1764' WindowName: '2 8196'
- ClassName: '428' WindowName: '428'
- ClassName: 'Indicator' WindowName: ''
- ClassName: ' 87361' WindowName: '3 00 7 '
- ClassName: '7 246 ' WindowName: '0 2 1'
- ClassName: ' 4' WindowName: ' 4'
- ClassName: '428' WindowName: '23 07'
- ClassName: ' 6 ' WindowName: '428'
- ClassName: '06 601 ' WindowName: '3 37'
- ClassName: '9427 36' WindowName: '4 '
- ClassName: '428' WindowName: '344 09 7'
- ClassName: ' ' WindowName: '59 '