Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'c4g6n3bp2fb8' = '%HOMEPATH%\c4g6n3bp2fb8\imug.vbs'
- %HOMEPATH%\Start Menu\Programs\Startup\RegSvcs.exe
- '%HOMEPATH%\c4g6n3bp2fb8\update.exe' Fyyqzs.PCT
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe'
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- %HOMEPATH%\c4g6n3bp2fb8\imug.vbs
- %HOMEPATH%\c4g6n3bp2fb8\pvbauxed.cmd
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\invoice_img[1].png
- %HOMEPATH%\c4g6n3bp2fb8\run.vbs
- %HOMEPATH%\c4g6n3bp2fb8\update.exe
- %HOMEPATH%\c4g6n3bp2fb8\pwVc.DFO
- %HOMEPATH%\c4g6n3bp2fb8\apcpMCTnHvZa.HLF
- %HOMEPATH%\c4g6n3bp2fb8\Fyyqzs.PCT
- %HOMEPATH%\c4g6n3bp2fb8\apcpMCTnHvZa.HLF
- %HOMEPATH%\c4g6n3bp2fb8\imug.vbs
- %HOMEPATH%\c4g6n3bp2fb8\pvbauxed.cmd
- %HOMEPATH%\c4g6n3bp2fb8\pwVc.DFO
- %HOMEPATH%\c4g6n3bp2fb8\update.exe
- %HOMEPATH%\c4g6n3bp2fb8\Fyyqzs.PCT
- 'www.eb##.pro':80
- 'localhost':1037
- www.eb##.pro/images/invoice_img.png
- DNS ASK wp#d
- DNS ASK sm##.yandex.ru
- DNS ASK www.eb##.pro
- ClassName: 'IEFrame' WindowName: '(null)'
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'