Техническая информация
- 'C:\PROGRA~2\rundll32.exe' C:\PROGRA~2\qeqewi9.dat,FG00
- '<SYSTEM32>\ctfmon.exe'
- '<SYSTEM32>\taskhost.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1] '2500' = '00000003'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0] '2500' = '00000003'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '2500' = '00000003'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4] '2500' = '00000003'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '2500' = '00000003'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1] '1609' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0] '1609' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1609' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4] '1609' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1609' = '00000000'
- C:\ProgramData\9iweqeq.pad
- C:\ProgramData\9iweqeq.js
- C:\ProgramData\rundll32.exe
- C:\ProgramData\qeqewi9.dat
- 'localhost':57434
- '66.##7.215.165':80
- DNS ASK go.###rosoft.com
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''