Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] '99176qpi1j2o' = '%HOMEPATH%\99176qpi1j2o\xxjqzlgkoj.vbs'
- '%HOMEPATH%\99176qpi1j2o\vyuJCPamXJ.exe' lgdgJVIc.QTW
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe'
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- %HOMEPATH%\99176qpi1j2o\PsnoMgyILG.ZEX
- %HOMEPATH%\99176qpi1j2o\vxpe.cmd
- %HOMEPATH%\99176qpi1j2o\xxjqzlgkoj.vbs
- %HOMEPATH%\99176qpi1j2o\ehvyZtRLQ.EEF
- %HOMEPATH%\99176qpi1j2o\vyuJCPamXJ.exe
- %HOMEPATH%\99176qpi1j2o\lgdgJVIc.QTW
- %HOMEPATH%\99176qpi1j2o\PsnoMgyILG.ZEX
- %HOMEPATH%\99176qpi1j2o\xxjqzlgkoj.vbs
- %HOMEPATH%\99176qpi1j2o\vxpe.cmd
- %HOMEPATH%\99176qpi1j2o\ehvyZtRLQ.EEF
- %HOMEPATH%\99176qpi1j2o\vyuJCPamXJ.exe
- %HOMEPATH%\99176qpi1j2o\lgdgJVIc.QTW
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'