Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'Es57Un' = ''
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'EsUn' = ''
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'EsdUn' = ''
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'Es5Un' = ''
- '<SYSTEM32>\ntvdm.exe' -f -i1
- %APPDATA%\Es-Un\Upe2Dets.ocx
- %TEMP%\aut7.tmp
- %APPDATA%\Es-Un\UpeD3et.dll
- %TEMP%\aut6.tmp
- %APPDATA%\Es-Un\UpeDet.bat
- %WINDIR%\Temp\scs9.tmp
- %WINDIR%\Temp\scsA.tmp
- %TEMP%\aut8.tmp
- %APPDATA%\Es-Un\UpeDe.ocx
- %TEMP%\aut2.tmp
- %APPDATA%\Es-Un\UpeDe.ai
- %TEMP%\aut1.tmp
- %APPDATA%\Es-Un\Up58eDet.com
- %TEMP%\aut3.tmp
- %APPDATA%\Es-Un\Up7eDet.dll
- %TEMP%\aut5.tmp
- %APPDATA%\Es-Un\UpeD9et.bat
- %TEMP%\aut4.tmp
- %APPDATA%\Es-Un\Up58eDet.com
- %TEMP%\aut7.tmp
- %TEMP%\aut6.tmp
- %TEMP%\aut8.tmp
- %WINDIR%\Temp\scsA.tmp
- %WINDIR%\Temp\scs9.tmp
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
- %TEMP%\aut3.tmp
- %TEMP%\aut5.tmp
- %TEMP%\aut4.tmp
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-a98.a9c.380001'
- ClassName: 'Indicator' WindowName: ''