Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'zcgb3s0a.ewt' = '%HOMEPATH%\Templates\Service.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'wtljsq2q.ena' = '%HOMEPATH%\Templates\Service.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'o3rhe3t3.b5z' = '%HOMEPATH%\Templates\Service.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'df1udaex.wt2' = '%HOMEPATH%\Templates\Service.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'l4n2tctm.ey3' = '%HOMEPATH%\Templates\Service.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'oh245cph.paa' = '%HOMEPATH%\Templates\Service.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'lo34oydq.bd0' = '%HOMEPATH%\Templates\Service.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '3an3w3qh.r1a' = '%HOMEPATH%\Templates\Service.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '2dqykgd5.vqt' = '%HOMEPATH%\Templates\Service.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'fb3pw5te.uj2' = '%HOMEPATH%\Templates\Service.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'xe0nmalp.dq2' = '%HOMEPATH%\Templates\Service.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'wxz5lfrs.dup' = '%HOMEPATH%\Templates\Service.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'jp40kx2f.d4h' = '%HOMEPATH%\Templates\Service.exe'
- скрытых файлов
- расширений файлов
- <LS_APPDATA>\Thumbs.db
- <LS_APPDATA>\ExpIorer.exe
- ClassName: 'Indicator' WindowName: ''