Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '0e7404a8d00ee7ae78c9217f64aeb6c1' = '"%WINDIR%\Microsoft.NET\Framework\v4.0.30319\vbc.exe" ..'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '0e7404a8d00ee7ae78c9217f64aeb6c1' = '"%WINDIR%\Microsoft.NET\Framework\v4.0.30319\vbc.exe" ..'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%WINDIR%\Microsoft.NET\Framework\v4.0.30319\vbc.exe" "vbc.exe" ENABLE
- '%WINDIR%\Microsoft.NET\Framework\v4.0.30319\vbc.exe'
- %WINDIR%\Microsoft.NET\Framework\v4.0.30319\vbc.exe
- %TEMP%\g34g34cc
- %TEMP%\aut6CA9.tmp
- %APPDATA%\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0e7404a8d00ee7ae78c9217f64aeb6c1.exe
- %TEMP%\792446
- %TEMP%\411751
- %TEMP%\aut6BDC.tmp
- %TEMP%\incl1
- %TEMP%\aut6C5A.tmp
- %TEMP%\aut6CA9.tmp
- %TEMP%\aut6C5A.tmp
- %TEMP%\aut6BDC.tmp
- %TEMP%\g34g34cc в %TEMP%\incl2
- DNS ASK dn#.##ftncsi.com
- DNS ASK hu#####4.duckdns.org
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''