Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Microsoft® Windows® Operating System' = '%PROGRAMDATA%\ethuu.exe'
- <Имя диска съемного носителя>:\000814251_video_01.avi .exe
- ClassName: 'OLLYDBG', WindowName: ''
- ClassName: 'GBDYLLO', WindowName: ''
- ClassName: 'pediy06', WindowName: ''
- ClassName: 'FilemonClass', WindowName: ''
- ClassName: '', WindowName: 'File Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'PROCMON_WINDOW_CLASS', WindowName: ''
- ClassName: '', WindowName: 'Process Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'RegmonClass', WindowName: ''
- ClassName: '', WindowName: 'Registry Monitor - Sysinternals: www.sysinternals.com'
- %PROGRAMDATA%\ethuu.exe
- D:\$recycle.bin .exe
- %WINDIR% .exe
- C:\users .exe
- C:\totalcmd .exe
- C:\system volume information .exe
- C:\recovery .exe
- %PROGRAMDATA% .exe
- C:\program files (x86) .exe
- C:\program files .exe
- C:\perflogs .exe
- C:\pagefile.sys .exe
- C:\msocache .exe
- <Текущая директория> .exe
- C:\far2 .exe
- C:\documents and settings .exe
- C:\$recycle.bin .exe
- %PROGRAMDATA%\saaaalamm\mira.h
- D:\install.log .exe
- D:\system volume information .exe
- %PROGRAMDATA%\saaaalamm\mira.h
- ClassName: '18467-41' WindowName: ''
- '%PROGRAMDATA%\ethuu.exe'