Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'HKCU' = ''
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{RQQ0N6C3-A3DP-P76L-RSL6-7ACPVJJN0N80}] 'StubPath' = ''
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'u7e4h2m' = '%HOMEPATH%\u7e4h2m\80138.vbs'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'HKLM' = ''
- Диспетчера задач (Taskmgr)
- '%HOMEPATH%\u7e4h2m\m.com' ZTOZePTXHJ.AEX
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe'
- %WINDIR%\Explorer.EXE
- %HOMEPATH%\u7e4h2m\run.vbs
- %HOMEPATH%\u7e4h2m\80138.vbs
- %TEMP%\%USERNAME%2.txt
- %TEMP%\%USERNAME%8
- %TEMP%\%USERNAME%7
- %HOMEPATH%\u7e4h2m\m.com
- %HOMEPATH%\u7e4h2m\QCiW.DXP
- %HOMEPATH%\u7e4h2m\ZTOZePTXHJ.AEX
- %HOMEPATH%\u7e4h2m\73065.cmd
- %HOMEPATH%\u7e4h2m\yJDCyjh.MFL
- %HOMEPATH%\u7e4h2m\yJDCyjh.MFL
- %HOMEPATH%\u7e4h2m\80138.vbs
- %HOMEPATH%\u7e4h2m\73065.cmd
- %HOMEPATH%\u7e4h2m\QCiW.DXP
- %HOMEPATH%\u7e4h2m\m.com
- %HOMEPATH%\u7e4h2m\ZTOZePTXHJ.AEX
- %TEMP%\%USERNAME%8
- %TEMP%\%USERNAME%2.txt
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'