Техническая информация
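Записи в реестре (значения в ShellServiceObjectDelayLoad — это CLSID COM-объектов, которые Explorer загружает при запуске оболочки, то есть это точка автозапуска; судя по совпадению имён, они, по-видимому, соответствуют файлам %WINDIR%\bfrgnos.dll и %WINDIR%\afxlspw.dll из списка ниже):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'bfrgnos' = '{E8A415A5-DE53-4D16-9649-602603515FEC}'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'afxlspw' = '{C83E970B-14E6-423C-9A3A-030BC8FC16DE}'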
- %TEMP%\ac8zt2\frplprg.exe reg
- %TEMP%\ac8zt2\egtx.exe relpn
- %TEMP%\ac8zt2\egtx.exe %WINDIR%\afxlspw.dll afxlspw
- %TEMP%\ac8zt2\egtx.exe %WINDIR%\bfrgnos.dll bfrgnos
- %WINDIR%\explorer.exe
- <SYSTEM32>\regsvr32.exe /s %WINDIR%\dwrmntsvrm.dll
- <SYSTEM32>\regsvr32.exe /s edfqvrw.dll
- %WINDIR%\Explorer.EXE
- %WINDIR%\dwrmntsvrm.dll
- %WINDIR%\afxlspw.dll
- %TEMP%\ac8zt2\afxlspw.dll
- %WINDIR%\edfqvrw.dll
- %TEMP%\nsx4.tmp.bat
- %WINDIR%\bfrgnos.dll
- %WINDIR%\frplprg.exe
- %TEMP%\ac8zt2\frplprg.exe
- %TEMP%\ac8zt2\dwrmntsvrm.dll
- %TEMP%\nsu2.tmp
- %TEMP%\ac8zt2\egtx.exe
- %TEMP%\ac8zt2\install.bat
- %TEMP%\ac8zt2\edfqvrw.dll
- %TEMP%\ac8zt2\bfrgnos.dll
- %TEMP%\ac8zt2\egtx.exe
- %TEMP%\ac8zt2\frplprg.exe
- %TEMP%\ac8zt2\install.bat
- %TEMP%\ac8zt2\edfqvrw.dll
- %TEMP%\ac8zt2\afxlspw.dll
- %TEMP%\ac8zt2\bfrgnos.dll
- %TEMP%\ac8zt2\dwrmntsvrm.dll
- ClassName: 'OleMainThreadWndClass' WindowName: ''
- ClassName: 'SystemTray_Main' WindowName: ''
- ClassName: 'CSCHiddenWindow' WindowName: ''
- ClassName: 'SysListView32' WindowName: ''
- ClassName: 'Proxy Desktop' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'BaseBar' WindowName: 'ChanApp'