Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] '28m1zdq25mer32' = '%HOMEPATH%\28m1zdq25mer32\99015.vbs'
- '%HOMEPATH%\28m1zdq25mer32\YMSBXTPyNjm.com' QknR.GAB
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe'
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- %HOMEPATH%\28m1zdq25mer32\SKOwkFOoT.OQQ
- %HOMEPATH%\28m1zdq25mer32\89153.cmd
- %HOMEPATH%\28m1zdq25mer32\99015.vbs
- %HOMEPATH%\28m1zdq25mer32\hXGmz.ALD
- %HOMEPATH%\28m1zdq25mer32\YMSBXTPyNjm.com
- %HOMEPATH%\28m1zdq25mer32\QknR.GAB
- %HOMEPATH%\28m1zdq25mer32\SKOwkFOoT.OQQ
- %HOMEPATH%\28m1zdq25mer32\99015.vbs
- %HOMEPATH%\28m1zdq25mer32\89153.cmd
- %HOMEPATH%\28m1zdq25mer32\hXGmz.ALD
- %HOMEPATH%\28m1zdq25mer32\YMSBXTPyNjm.com
- %HOMEPATH%\28m1zdq25mer32\QknR.GAB
- 'ja####se-drama.net':3333
- DNS ASK ja####se-drama.net
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'