Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run] '9ZNMMX5ENVHB' = '%APPDATA%\EOUWSSVU.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\run] '9ZNMMX5ENVHB' = '%APPDATA%\EOUWSSVU.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '9ZNMMX5ENVHB' = '%APPDATA%\EOUWSSVU.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '9ZNMMX5ENVHB' = '%APPDATA%\EOUWSSVU.exe'
- '%TEMP%\cvtres.exe'
- '%TEMP%\upIEd.exe'
- %APPDATA%\QF3CGG.dll
- %TEMP%\cvtres.exe
- %TEMP%\upIEd.exe
- %TEMP%\cvtres.exe в %APPDATA%\EOUWSSVU.exe
- 'bl###shades.ru':9081
- DNS ASK bl###shades.ru
- ClassName: 'Indicator' WindowName: '(null)'