Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] '7jdxvuet' = '%HOMEPATH%\7jdxvuet\dd8h69wbwo8.vbs'
- '%HOMEPATH%\7jdxvuet\wwWxjvMKWZO.com' pRGRHCjL.CXJ
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe'
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- %HOMEPATH%\7jdxvuet\XwGI.NRD
- %HOMEPATH%\7jdxvuet\a2j41r7h7.cmd
- %HOMEPATH%\7jdxvuet\dd8h69wbwo8.vbs
- %HOMEPATH%\7jdxvuet\iXgTRyuOk.FNY
- %HOMEPATH%\7jdxvuet\wwWxjvMKWZO.com
- %HOMEPATH%\7jdxvuet\pRGRHCjL.CXJ
- %HOMEPATH%\7jdxvuet\XwGI.NRD
- %HOMEPATH%\7jdxvuet\dd8h69wbwo8.vbs
- %HOMEPATH%\7jdxvuet\a2j41r7h7.cmd
- %HOMEPATH%\7jdxvuet\iXgTRyuOk.FNY
- %HOMEPATH%\7jdxvuet\wwWxjvMKWZO.com
- %HOMEPATH%\7jdxvuet\pRGRHCjL.CXJ
- 'ja####se-drama.net':3333
- DNS ASK ja####se-drama.net
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'