Техническая информация
Для обеспечения автозапуска и распространения:
Модифицирует следующие ключи реестра:
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemdceuk.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemqxkpw.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemxfhfv.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemiayyy.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemomoko.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemoqkiq.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemvyiyq.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemifaxs.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemdigse.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemxoybs.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemqzsuc.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemsxkve.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemnddje.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemfrlmu.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemjepkv.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemgqwal.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemthsbz.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemlrjrr.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemowdsf.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemrpwbj.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqembhkwz.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemjcvjj.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemdmyet.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemtrixk.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemlfndx.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemokibw.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemykwfu.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemolqdv.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemhlpcv.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemcrhkk.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemzdedm.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemjrtbu.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemsvjqn.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemmbbyb.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemphqoc.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqembabxr.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemzxjcv.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemceytw.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemhxvcf.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemkdqow.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemhqmtp.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemgiwru.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemnjaiv.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemahvoi.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemxfdun.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemppdit.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemvivbu.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemphlbx.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemppsfu.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemxziux.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemwrsrk.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemuiefj.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemhnjjh.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemfymsh.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemxjkvo.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqempnzlc.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqembfysj.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemvycaw.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemiphak.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemtahvd.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemtdxew.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemavbvj.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemjoaap.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemisxrj.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemanlvt.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemidbgk.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemsrlwx.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemkitdj.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemdojlq.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemqcdzj.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemlivnj.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemwukxi.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemmdqgm.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemerric.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemwxafb.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemoubtt.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemprlxe.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemrzkzy.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemghzgy.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqembnsuy.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemrscmi.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemjuuvu.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemlamow.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemeonew.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemwzdck.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemefeol.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemrhmpu.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemjaaky.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemkvsdg.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemzocmo.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemkoqhm.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemxqyiv.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemzkysp.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemokwoh.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemujehu.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemzroch.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemxkqtp.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemzbeof.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemmsjob.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemckfrf.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqempqzfq.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemsxpft.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemfxcmg.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemqdjhb.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemvfbax.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemxmbom.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemsntfx.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemfsnti.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemrnvgi.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemfzsse.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemfzfoc.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemnodzt.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemcxqfg.exe'
Вредоносные функции:
Создает и запускает на исполнение:
- '%TEMP%\Sysqemdceuk.exe'
- '%TEMP%\Sysqemqxkpw.exe'
- '%TEMP%\Sysqemxfhfv.exe'
- '%TEMP%\Sysqemiayyy.exe'
- '%TEMP%\Sysqemomoko.exe'
- '%TEMP%\Sysqemoqkiq.exe'
- '%TEMP%\Sysqemvyiyq.exe'
- '%TEMP%\Sysqemifaxs.exe'
- '%TEMP%\Sysqemdigse.exe'
- '%TEMP%\Sysqemxoybs.exe'
- '%TEMP%\Sysqemqzsuc.exe'
- '%TEMP%\Sysqemsxkve.exe'
- '%TEMP%\Sysqemnddje.exe'
- '%TEMP%\Sysqemfrlmu.exe'
- '%TEMP%\Sysqemjepkv.exe'
- '%TEMP%\Sysqemgqwal.exe'
- '%TEMP%\Sysqemthsbz.exe'
- '%TEMP%\Sysqemlrjrr.exe'
- '%TEMP%\Sysqemowdsf.exe'
- '%TEMP%\Sysqemrpwbj.exe'
- '%TEMP%\Sysqembhkwz.exe'
- '%TEMP%\Sysqemjcvjj.exe'
- '%TEMP%\Sysqemdmyet.exe'
- '%TEMP%\Sysqemtrixk.exe'
- '%TEMP%\Sysqemlfndx.exe'
- '%TEMP%\Sysqemokibw.exe'
- '%TEMP%\Sysqemykwfu.exe'
- '%TEMP%\Sysqemolqdv.exe'
- '%TEMP%\Sysqemhlpcv.exe'
- '%TEMP%\Sysqemcrhkk.exe'
- '%TEMP%\Sysqemzdedm.exe'
- '%TEMP%\Sysqemjrtbu.exe'
- '%TEMP%\Sysqemsvjqn.exe'
- '%TEMP%\Sysqemmbbyb.exe'
- '%TEMP%\Sysqemphqoc.exe'
- '%TEMP%\Sysqembabxr.exe'
- '%TEMP%\Sysqemzxjcv.exe'
- '%TEMP%\Sysqemceytw.exe'
- '%TEMP%\Sysqemhxvcf.exe'
- '%TEMP%\Sysqemkdqow.exe'
- '%TEMP%\Sysqemhqmtp.exe'
- '%TEMP%\Sysqemgiwru.exe'
- '%TEMP%\Sysqemnjaiv.exe'
- '%TEMP%\Sysqemahvoi.exe'
- '%TEMP%\Sysqemxfdun.exe'
- '%TEMP%\Sysqemppdit.exe'
- '%TEMP%\Sysqemvivbu.exe'
- '%TEMP%\Sysqemphlbx.exe'
- '%TEMP%\Sysqemppsfu.exe'
- '%TEMP%\Sysqemxziux.exe'
- '%TEMP%\Sysqemwrsrk.exe'
- '%TEMP%\Sysqemuiefj.exe'
- '%TEMP%\Sysqemhnjjh.exe'
- '%TEMP%\Sysqemfymsh.exe'
- '%TEMP%\Sysqemxjkvo.exe'
- '%TEMP%\Sysqempnzlc.exe'
- '%TEMP%\Sysqembfysj.exe'
- '%TEMP%\Sysqemvycaw.exe'
- '%TEMP%\Sysqemiphak.exe'
- '%TEMP%\Sysqemtahvd.exe'
- '%TEMP%\Sysqemtdxew.exe'
- '%TEMP%\Sysqemavbvj.exe'
- '%TEMP%\Sysqemjoaap.exe'
- '%TEMP%\Sysqemisxrj.exe'
- '%TEMP%\Sysqemanlvt.exe'
- '%TEMP%\Sysqemidbgk.exe'
- '%TEMP%\Sysqemsrlwx.exe'
- '%TEMP%\Sysqemkitdj.exe'
- '%TEMP%\Sysqemdojlq.exe'
- '%TEMP%\Sysqemqcdzj.exe'
- '%TEMP%\Sysqemlivnj.exe'
- '%TEMP%\Sysqemwukxi.exe'
- '%TEMP%\Sysqemmdqgm.exe'
- '%TEMP%\Sysqemerric.exe'
- '%TEMP%\Sysqemwxafb.exe'
- '%TEMP%\Sysqemoubtt.exe'
- '%TEMP%\Sysqemprlxe.exe'
- '%TEMP%\Sysqemrzkzy.exe'
- '%TEMP%\Sysqemghzgy.exe'
- '%TEMP%\Sysqembnsuy.exe'
- '%TEMP%\Sysqemrscmi.exe'
- '%TEMP%\Sysqemjuuvu.exe'
- '%TEMP%\Sysqemlamow.exe'
- '%TEMP%\Sysqemeonew.exe'
- '%TEMP%\Sysqemwzdck.exe'
- '%TEMP%\Sysqemefeol.exe'
- '%TEMP%\Sysqemrhmpu.exe'
- '%TEMP%\Sysqemjaaky.exe'
- '%TEMP%\Sysqemkvsdg.exe'
- '%TEMP%\Sysqemzocmo.exe'
- '%TEMP%\Sysqemkoqhm.exe'
- '%TEMP%\Sysqemxqyiv.exe'
- '%TEMP%\Sysqemzkysp.exe'
- '%TEMP%\Sysqemokwoh.exe'
- '%TEMP%\Sysqemujehu.exe'
- '%TEMP%\Sysqemzroch.exe'
- '%TEMP%\Sysqemxkqtp.exe'
- '%TEMP%\Sysqemzbeof.exe'
- '%TEMP%\Sysqemmsjob.exe'
- '%TEMP%\Sysqemckfrf.exe'
- '%TEMP%\Sysqempqzfq.exe'
- '%TEMP%\Sysqemsxpft.exe'
- '%TEMP%\Sysqemfxcmg.exe'
- '%TEMP%\Sysqemqdjhb.exe'
- '%TEMP%\Sysqemvfbax.exe'
- '%TEMP%\Sysqemxmbom.exe'
- '%TEMP%\Sysqemsntfx.exe'
- '%TEMP%\Sysqemfsnti.exe'
- '%TEMP%\Sysqemrnvgi.exe'
- '%TEMP%\Sysqemfzsse.exe'
- '%TEMP%\Sysqemfzfoc.exe'
- '%TEMP%\Sysqemnodzt.exe'
- '%TEMP%\Sysqemcxqfg.exe'
Изменения в файловой системе:
Создает следующие файлы:
- %TEMP%\Sysqemdceuk.exe
- %TEMP%\Sysqemqxkpw.exe
- %TEMP%\Sysqemxfhfv.exe
- %TEMP%\Sysqemiayyy.exe
- %TEMP%\Sysqemomoko.exe
- %TEMP%\Sysqemoqkiq.exe
- %TEMP%\Sysqemvyiyq.exe
- %TEMP%\Sysqemifaxs.exe
- %TEMP%\Sysqemdigse.exe
- %TEMP%\Sysqemxoybs.exe
- %TEMP%\Sysqemqzsuc.exe
- %TEMP%\Sysqemsxkve.exe
- %TEMP%\Sysqemnddje.exe
- %TEMP%\Sysqemfrlmu.exe
- %TEMP%\Sysqemtrixk.exe
- %TEMP%\Sysqemlrjrr.exe
- %TEMP%\Sysqemjepkv.exe
- %TEMP%\Sysqemgqwal.exe
- %TEMP%\Sysqembhkwz.exe
- %TEMP%\Sysqembfysj.exe
- %TEMP%\Sysqemowdsf.exe
- %TEMP%\Sysqemrpwbj.exe
- %TEMP%\Sysqemlfndx.exe
- %TEMP%\Sysqemjcvjj.exe
- %TEMP%\Sysqemdmyet.exe
- %TEMP%\Sysqemolqdv.exe
- %TEMP%\Sysqemthsbz.exe
- %TEMP%\Sysqemokibw.exe
- %TEMP%\Sysqemykwfu.exe
- %TEMP%\Sysqemcrhkk.exe
- %TEMP%\Sysqemzdedm.exe
- %TEMP%\Sysqemkdqow.exe
- %TEMP%\Sysqemhlpcv.exe
- %TEMP%\Sysqemmbbyb.exe
- %TEMP%\Sysqemphqoc.exe
- %TEMP%\Sysqemjrtbu.exe
- %TEMP%\Sysqemzxjcv.exe
- %TEMP%\Sysqemceytw.exe
- %TEMP%\Sysqemtwkjp.exe
- %TEMP%\Sysqembabxr.exe
- %TEMP%\Sysqemhqmtp.exe
- %TEMP%\Sysqemgiwru.exe
- %TEMP%\Sysqemhxvcf.exe
- %TEMP%\Sysqemsvjqn.exe
- %TEMP%\Sysqemnjaiv.exe
- %TEMP%\Sysqemahvoi.exe
- %TEMP%\Sysqemxfdun.exe
- %TEMP%\Sysqemppdit.exe
- %TEMP%\Sysqemvivbu.exe
- %TEMP%\Sysqemphlbx.exe
- %TEMP%\Sysqemppsfu.exe
- %TEMP%\Sysqemxziux.exe
- %TEMP%\Sysqemwrsrk.exe
- %TEMP%\Sysqemuiefj.exe
- %TEMP%\Sysqemhnjjh.exe
- %TEMP%\Sysqemfymsh.exe
- %TEMP%\Sysqemxjkvo.exe
- %TEMP%\Sysqempnzlc.exe
- %TEMP%\Sysqemtdxew.exe
- %TEMP%\Sysqemvycaw.exe
- %TEMP%\Sysqemiphak.exe
- %TEMP%\Sysqemisxrj.exe
- %TEMP%\Sysqemrscmi.exe
- %TEMP%\Sysqemavbvj.exe
- %TEMP%\Sysqemjoaap.exe
- %TEMP%\Sysqemkitdj.exe
- %TEMP%\Sysqemanlvt.exe
- %TEMP%\Sysqemidbgk.exe
- %TEMP%\Sysqemlivnj.exe
- %TEMP%\Sysqemtahvd.exe
- %TEMP%\Sysqemdojlq.exe
- %TEMP%\Sysqemqcdzj.exe
- %TEMP%\Sysqembnsuy.exe
- %TEMP%\Sysqemrzkzy.exe
- %TEMP%\Sysqemwxafb.exe
- %TEMP%\Sysqemwukxi.exe
- %TEMP%\Sysqemprlxe.exe
- %TEMP%\qpath.ini
- %TEMP%\Sysqamqqvaqqd.exe
- %TEMP%\Sysqemoubtt.exe
- %TEMP%\Sysqemwzdck.exe
- %TEMP%\Sysqemjuuvu.exe
- %TEMP%\Sysqemghzgy.exe
- %TEMP%\Sysqemeonew.exe
- %TEMP%\Sysqemmdqgm.exe
- %TEMP%\Sysqemerric.exe
- %TEMP%\Sysqemlamow.exe
- %TEMP%\Sysqemefeol.exe
- %TEMP%\Sysqemrhmpu.exe
- %TEMP%\Sysqemjaaky.exe
- %TEMP%\Sysqemkvsdg.exe
- %TEMP%\Sysqemzocmo.exe
- %TEMP%\Sysqemkoqhm.exe
- %TEMP%\Sysqemxqyiv.exe
- %TEMP%\Sysqemzkysp.exe
- %TEMP%\Sysqemokwoh.exe
- %TEMP%\Sysqemujehu.exe
- %TEMP%\Sysqemzroch.exe
- %TEMP%\Sysqemxkqtp.exe
- %TEMP%\Sysqemzbeof.exe
- %TEMP%\Sysqemmsjob.exe
- %TEMP%\Sysqemrnvgi.exe
- %TEMP%\Sysqemfxcmg.exe
- %TEMP%\Sysqemckfrf.exe
- %TEMP%\Sysqempqzfq.exe
- %TEMP%\Sysqemxmbom.exe
- %TEMP%\Sysqemsrlwx.exe
- %TEMP%\Sysqemqdjhb.exe
- %TEMP%\Sysqemvfbax.exe
- %TEMP%\Sysqemfzsse.exe
- %TEMP%\Sysqemsntfx.exe
- %TEMP%\Sysqemfsnti.exe
- %TEMP%\Sysqemcxqfg.exe
- %TEMP%\Sysqemsxpft.exe
- %TEMP%\Sysqemfzfoc.exe
- %TEMP%\Sysqemnodzt.exe
Присваивает атрибут 'скрытый' для следующих файлов:
- %TEMP%\Sysqemiayyy.exe
- %TEMP%\Sysqemdceuk.exe
- %TEMP%\Sysqemqxkpw.exe
- %TEMP%\Sysqemvyiyq.exe
- %TEMP%\Sysqemtrixk.exe
- %TEMP%\Sysqemomoko.exe
- %TEMP%\Sysqemoqkiq.exe
- %TEMP%\Sysqemqzsuc.exe
- %TEMP%\Sysqemifaxs.exe
- %TEMP%\Sysqemdigse.exe
- %TEMP%\Sysqemfrlmu.exe
- %TEMP%\Sysqemxfhfv.exe
- %TEMP%\Sysqemsxkve.exe
- %TEMP%\Sysqemnddje.exe
- %TEMP%\Sysqemlrjrr.exe
- %TEMP%\Sysqemjepkv.exe
- %TEMP%\Sysqemgqwal.exe
- %TEMP%\Sysqembhkwz.exe
- %TEMP%\Sysqembfysj.exe
- %TEMP%\Sysqemowdsf.exe
- %TEMP%\Sysqemrpwbj.exe
- %TEMP%\Sysqemlfndx.exe
- %TEMP%\Sysqemjcvjj.exe
- %TEMP%\Sysqemdmyet.exe
- %TEMP%\Sysqemolqdv.exe
- %TEMP%\Sysqemthsbz.exe
- %TEMP%\Sysqemokibw.exe
- %TEMP%\Sysqemykwfu.exe
- %TEMP%\Sysqemxoybs.exe
- %TEMP%\Sysqemhlpcv.exe
- %TEMP%\Sysqemcrhkk.exe
- %TEMP%\Sysqemzdedm.exe
- %TEMP%\Sysqemjrtbu.exe
- %TEMP%\Sysqemsvjqn.exe
- %TEMP%\Sysqemmbbyb.exe
- %TEMP%\Sysqemphqoc.exe
- %TEMP%\Sysqembabxr.exe
- %TEMP%\Sysqemzxjcv.exe
- %TEMP%\Sysqemceytw.exe
- %TEMP%\Sysqemhxvcf.exe
- %TEMP%\Sysqemkdqow.exe
- %TEMP%\Sysqemhqmtp.exe
- %TEMP%\Sysqemgiwru.exe
- %TEMP%\Sysqemnjaiv.exe
- %TEMP%\Sysqemahvoi.exe
- %TEMP%\Sysqemxfdun.exe
- %TEMP%\Sysqemppdit.exe
- %TEMP%\Sysqemvivbu.exe
- %TEMP%\Sysqemphlbx.exe
- %TEMP%\Sysqemppsfu.exe
- %TEMP%\Sysqemxziux.exe
- %TEMP%\Sysqemwrsrk.exe
- %TEMP%\Sysqemuiefj.exe
- %TEMP%\Sysqemhnjjh.exe
- %TEMP%\Sysqemfymsh.exe
- %TEMP%\Sysqemxjkvo.exe
- %TEMP%\Sysqempnzlc.exe
- %TEMP%\Sysqemtdxew.exe
- %TEMP%\Sysqemvycaw.exe
- %TEMP%\Sysqemiphak.exe
- %TEMP%\Sysqemisxrj.exe
- %TEMP%\Sysqemrscmi.exe
- %TEMP%\Sysqemavbvj.exe
- %TEMP%\Sysqemjoaap.exe
- %TEMP%\Sysqemkitdj.exe
- %TEMP%\Sysqemanlvt.exe
- %TEMP%\Sysqemidbgk.exe
- %TEMP%\Sysqemlivnj.exe
- %TEMP%\Sysqemtahvd.exe
- %TEMP%\Sysqemdojlq.exe
- %TEMP%\Sysqemqcdzj.exe
- %TEMP%\Sysqemwxafb.exe
- %TEMP%\Sysqemwukxi.exe
- %TEMP%\Sysqemmdqgm.exe
- %TEMP%\Sysqemrzkzy.exe
- %TEMP%\Sysqemoubtt.exe
- %TEMP%\Sysqamqqvaqqd.exe
- %TEMP%\Sysqemprlxe.exe
- %TEMP%\Sysqemjuuvu.exe
- %TEMP%\Sysqemghzgy.exe
- %TEMP%\Sysqembnsuy.exe
- %TEMP%\Sysqemwzdck.exe
- %TEMP%\Sysqemerric.exe
- %TEMP%\Sysqemlamow.exe
- %TEMP%\Sysqemeonew.exe
- %TEMP%\Sysqemsrlwx.exe
- %TEMP%\Sysqemefeol.exe
- %TEMP%\Sysqemrhmpu.exe
- %TEMP%\Sysqemjaaky.exe
- %TEMP%\Sysqemkvsdg.exe
- %TEMP%\Sysqemzocmo.exe
- %TEMP%\Sysqemkoqhm.exe
- %TEMP%\Sysqemxqyiv.exe
- %TEMP%\Sysqemzkysp.exe
- %TEMP%\Sysqemokwoh.exe
- %TEMP%\Sysqemujehu.exe
- %TEMP%\Sysqemzroch.exe
- %TEMP%\Sysqemxkqtp.exe
- %TEMP%\Sysqemzbeof.exe
- %TEMP%\Sysqemmsjob.exe
- %TEMP%\Sysqemckfrf.exe
- %TEMP%\Sysqempqzfq.exe
- %TEMP%\Sysqemsxpft.exe
- %TEMP%\Sysqemfxcmg.exe
- %TEMP%\Sysqemqdjhb.exe
- %TEMP%\Sysqemvfbax.exe
- %TEMP%\Sysqemxmbom.exe
- %TEMP%\Sysqemsntfx.exe
- %TEMP%\Sysqemfsnti.exe
- %TEMP%\Sysqemrnvgi.exe
- %TEMP%\Sysqemfzsse.exe
- %TEMP%\Sysqemfzfoc.exe
- %TEMP%\Sysqemnodzt.exe
- %TEMP%\Sysqemcxqfg.exe
