Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'Load' = 'vkgifts.exe'
- '%TEMP%\vkgifts.exe'
- '<SYSTEM32>\taskkill.exe' /f /im chrome.exe
- '<SYSTEM32>\taskkill.exe' /f /im opera.exe
- '<SYSTEM32>\taskkill.exe' /f /im magent.exe
- '<SYSTEM32>\taskkill.exe' /f /im iexplore.exe
- '<SYSTEM32>\sc.exe' stop sharedaccess
- '<SYSTEM32>\sc.exe' stop wscsvc
- '<SYSTEM32>\taskkill.exe' /f /im firefox.exe
- '<SYSTEM32>\sc.exe' stop Guard.Mail.ru
- firefox.exe
- chrome.exe
- opera.exe
- iexplore.exe
- %TEMP%\vkgifts.exe
- <SYSTEM32>\vkgifts.exe
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
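Примечание: знаки «?» в значениях WindowName ниже — кириллические символы, утраченные при перекодировке; восстановить исходные заголовки окон по этому тексту нельзя.
- ClassName: '(null)' WindowName: '????? ?????????? - Windows Internet Explorer'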
- ClassName: '(null)' WindowName: '???? - Google Chrome'
- ClassName: '(null)' WindowName: '????? ?????????? - Google Chrome'
- ClassName: '(null)' WindowName: '??????????? ????????????'
- ClassName: '(null)' WindowName: '????????? ??????? ??????'
- ClassName: '(null)' WindowName: '???? - Windows Internet Explorer'
- ClassName: '(null)' WindowName: '???? - Opera'
- ClassName: '(null)' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'VKspy!'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: '(null)' WindowName: '????? ?????????? - Opera'
- ClassName: '(null)' WindowName: '???? - Mozilla Firefox'
- ClassName: '(null)' WindowName: '????? ?????????? - Mozilla Firefox'