Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ezenjoy' = '"%PROGRAM_FILES%\ezenjoy\ezenjoy.exe" -o'
- %APPDATA%\Favorite.exe
- %PROGRAM_FILES%\ezenjoy\installer_dbgosms.exe
- <SYSTEM32>\cmd.exe /c \fivi.bat
- <SYSTEM32>\cmd.exe /c \DelUS.bat
- %HOMEPATH%\Favorites\»х·Оїо јј»уА» ї©ґВ №®, Gё¶ДП.url
- %HOMEPATH%\Favorites\µрѕШјҐ, ЅГБр 2.url
- %APPDATA%\Favorite.exe
- %APPDATA%\domain.txt
- %HOMEPATH%\Favorites\ґзЅЕАМ ГЈґВ ёрµз ЅєЕёАП, їБјЗ.url
- %TEMP%\nsd4.tmp\System.dll
- %TEMP%\nsd4.tmp\DLLWebCount.dll
- %HOMEPATH%\Favorites\јоЗО ЅєЖ®ё®Ж®, 11№ш°Ў.url
- C:\fivi.bat
- %PROGRAM_FILES%\ezenjoy\ezenjoy.exe
- %PROGRAM_FILES%\ezenjoy\installer.exe
- %TEMP%\nsa2.tmp\KillProcDLL.dll
- %TEMP%\nsa2.tmp\DLLWaitForKillProgram.dll
- %TEMP%\nsa2.tmp\stack.dll
- %TEMP%\nsa2.tmp\SelfDelete.dll
- C:\DelUS.bat
- %TEMP%\nsa2.tmp\SetHoldData.dll
- %PROGRAM_FILES%\ezenjoy\Uninstall.exe
- %TEMP%\nsa2.tmp\stack.dll
- %APPDATA%\domain.txt
- %APPDATA%\Favorite.exe
- %TEMP%\nsa2.tmp\SetHoldData.dll
- %TEMP%\nsa2.tmp\DLLWaitForKillProgram.dll
- %TEMP%\nsa2.tmp\KillProcDLL.dll
- %TEMP%\nsa2.tmp\SelfDelete.dll
- %PROGRAM_FILES%\ezenjoy\installer.exe в %PROGRAM_FILES%\ezenjoy\installer_dbgosms.exe
- 'lo#.##sence.co.kr':80
- lo#.##sence.co.kr/logexp.php?ai###############################
- DNS ASK lo#.##sence.co.kr
- ClassName: '' WindowName: 'LogViewer'
- ClassName: 'Indicator' WindowName: ''