Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'AdVantage' = '%APPDATA%\advantage\AdVantage.exe'
- <SYSTEM32>\systeminfo.exe
- %APPDATA%\advantage\AdVantage.exe
- %APPDATA%\Microsoft\Sze\hqhmp
- ClassName: '1 2 6' WindowName: '215997921'
- ClassName: ' 78 5 ' WindowName: ' 78 5 '
- ClassName: ' 368584' WindowName: ' 2528'
- ClassName: 'Indicator' WindowName: ''
- ClassName: '5 6 7 ' WindowName: ' 7567 8'
- ClassName: '6771 0587' WindowName: '1'
- ClassName: ' 559 05' WindowName: '8071269 9'
- ClassName: ' 0' WindowName: '05090 '
- ClassName: '9 4432' WindowName: '9 4432'
- ClassName: '5 6 7 ' WindowName: ' 93 19'