Technical information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'AdobeFlashUpdateManager' = '"%WINDIR%\AdobeFlash\fp.exe"'
- User Account Control (UAC)
- '%TEMP%\Remover.exe'
- '%WINDIR%\AdobeFlash\fp.exe'
- '%TEMP%\RarSFX0\fp.exe'
- chrome.exe
- %WINDIR%\AdobeFlash2\update.xml
- %WINDIR%\AdobeFlash\update.xml
- %WINDIR%\AdobeFlash2\MZђ
- %APPDATA%\crx.crx
- %APPDATA%\update.xml
- %TEMP%\link123.dat
- %WINDIR%\AdobeFlash\MZђ
- %TEMP%\Remover.exe
- %WINDIR%\AdobeFlash\fp.exe
- %TEMP%\RarSFX0\fp.exe
- %TEMP%\macos.txt
- %TEMP%\crx.crx
- %TEMP%\Remover.ahk
- %TEMP%\link123.dat
- %TEMP%\Remover.exe
- %TEMP%\macos.txt
- %TEMP%\RarSFX0\fp.exe
- %TEMP%\Remover.ahk
- 'www.an##ayfa.me':80
- 'www.be##nx.com':80
- 'www.e-##gen.com':80
- www.be##nx.com/MZ?
- www.an##ayfa.me/link.txt
- www.e-##gen.com/MZ?
- www.e-##gen.com/macos.txt
- www.be##nx.com/macos.txt
- DNS ASK www.an##ayfa.me
- DNS ASK www.be##nx.com
- DNS ASK www.e-##gen.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''