Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\WVFC] 'ImagePath' = '%PROGRAM_FILES%\Gjpa\Gvbix.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\WVFC] 'Start' = '00000002'
- %TEMP%\g81\УВ·ј_QQУОП·¶аїЄІ№¶ЎґујЇ_setup.exe
- %PROGRAM_FILES%\Gjpa\macoef.exe
- %PROGRAM_FILES%\Gjpa\kanoes.exe
- %CommonProgramFiles%\System\Ole DB\MSPat.xml
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\cu[1].txt
- %TEMP%\g81\setup.ini
- %TEMP%\g81\gTemp.dat
- %TEMP%\g81\jTemp.dat
- %PROGRAM_FILES%\Gjpa\cotods\vomaos.dll
- %PROGRAM_FILES%\Gjpa\cotods\pat.xml
- %PROGRAM_FILES%\Gjpa\macoef.exe в %PROGRAM_FILES%\Gjpa\Gvbix.exe
- %PROGRAM_FILES%\Gjpa\kanoes.exe в %PROGRAM_FILES%\Gjpa\Cumm.exe
- %TEMP%\g81\gTemp.dat в %TEMP%\g81\УВ·ј_QQУОП·¶аїЄІ№¶ЎґујЇ_setup.exe
- 'www.yf##.com':80
- 'localhost':1035
- www.yf##.com/cu.txt
- DNS ASK www.yf##.com
- ClassName: 'Shell_TrayWnd' WindowName: ''