Техническая информация
Значения в ключах автозапуска реестра (все указывают на один и тот же файл в %APPDATA%):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run] '2AUYTG3YR7H7' = '%APPDATA%\7Y090BTE.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\run] '2AUYTG3YR7H7' = '%APPDATA%\7Y090BTE.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '2AUYTG3YR7H7' = '%APPDATA%\7Y090BTE.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '2AUYTG3YR7H7' = '%APPDATA%\7Y090BTE.exe'
- '<LS_APPDATA>\Xenocode\Sandbox\GGGGGG\2.0.0.0\2011.11.15T19.55\Virtual\STUBEXE\8.0.1112\@PROFILE@\Local Settings\Temp\visstee1.exe'
- '%TEMP%\Facebook Friend Added.exe'
- '%TEMP%\Update.exe'
- <SYSTEM32>\d3d9caps.dat
- <SYSTEM32>\d3d9caps.tmp
- %APPDATA%\JPAPNZ.dll
- %APPDATA%\7Y090BTE.exe
- %TEMP%\Update.exe
- %TEMP%\Facebook Friend Added.exe
- <SYSTEM32>\d3d9caps.dat
- <SYSTEM32>\d3d9caps.tmp в <SYSTEM32>\d3d9caps.dat (судя по записи, файл .tmp перемещён или переименован в .dat)
- 'bl###shades.ru':9081
- DNS ASK bl###shades.ru
- ClassName: 'SysListView32' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''