Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'jXf10L' = '%HOMEPATH%\mMe51I\taskmgr.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\Java Platform SE Auto Updater.lnk
- '%TEMP%\Java_Mandatory\jusched.exe'
- '%HOMEPATH%\mMe51I\taskmgr.exe'
- '%TEMP%\Java_Mandatory\3cMPCPwWZeHUZflE.exe' -pMUyOGc -d%TEMP%\Java_Mandatory
- '%TEMP%\oKGnqC8bR.exe'
- '%TEMP%\ProxyFinder.exe'
- '<SYSTEM32>\notepad.exe'
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\Java_Mandatory\FzjsZf7np1HB3npD6ATWd7dkWbjL51972VHy2nSeODzd1zgkKGvJNlCUR.bat" "
- '<SYSTEM32>\wscript.exe' "%TEMP%\Java_Mandatory\hOfPHj5uZbtFIQ5hamUuAzC7B05v.vbs"
- <SYSTEM32>\notepad.exe
- %HOMEPATH%\mMe51I\taskmgr.exe
- %TEMP%\Java_Mandatory\jusched.exe
- %HOMEPATH%\aOc21T.txt
- %HOMEPATH%\mMe51I\jGitO.jjnl
- %TEMP%\Java_Mandatory\hOfPHj5uZbtFIQ5hamUuAzC7B05v.vbs
- %TEMP%\ProxyFinder.exe
- %TEMP%\oKGnqC8bR.exe
- %TEMP%\Java_Mandatory\3cMPCPwWZeHUZflE.exe
- %TEMP%\Java_Mandatory\FzjsZf7np1HB3npD6ATWd7dkWbjL51972VHy2nSeODzd1zgkKGvJNlCUR.bat
- %HOMEPATH%\aOc21T.txt
- 'bi#####3vpn.no-ip.biz':35689
- DNS ASK bi#####3vpn.no-ip.biz
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'