Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'MdDesk' = '"<Полный путь к файлу>"'
- %TEMP%\~~~~2600
- %TEMP%\~~~~2936
- %TEMP%\~~~~9752
- %TEMP%\~~~~5221
- %TEMP%\~~~~7529
- %TEMP%\~~~~7610
- %TEMP%\~~~~1701
- %TEMP%\~~~~1098
- %TEMP%\~~~~3151
- %TEMP%\~~~~5070
- %TEMP%\~~~~9346
- %TEMP%\~~~~5220
- %TEMP%\~~~~7427
- %TEMP%\~~~~1978
- %TEMP%\~MdDesk.PID
- %TEMP%\~~~~9745
- %TEMP%\~~~~2111
- %TEMP%\~~~~2072
- %TEMP%\~~~~9874
- %TEMP%\~~~~3152
- %TEMP%\~~~~5356
- %TEMP%\~~~~2600
- %TEMP%\~~~~2936
- %TEMP%\~~~~9752
- %TEMP%\~~~~5221
- %TEMP%\~~~~7529
- %TEMP%\~~~~7610
- %TEMP%\~~~~1701
- %TEMP%\~~~~1098
- %TEMP%\~~~~3151
- %TEMP%\~~~~5070
- %TEMP%\~~~~7427
- %TEMP%\~~~~3152
- %TEMP%\~~~~5220
- %TEMP%\~~~~9745
- %TEMP%\~~~~1978
- %TEMP%\~~~~2072
- %TEMP%\~~~~9346
- %TEMP%\~~~~2111
- %TEMP%\~~~~5356
- %TEMP%\~~~~9874
- 'me##.hao522.com':80
- http://me##.hao522.com/V4/V4.php
- DNS ASK me##.hao522.com
- ClassName: 'Shell_TrayWnd' WindowName: ''