Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'AdVantage' = '%APPDATA%\advantage\AdVantage.exe'
- <SYSTEM32>\systeminfo.exe
- %APPDATA%\advantage\AdVantage.exe
- %APPDATA%\Microsoft\Sze\hqhmp
- ClassName: '7676' WindowName: '7676'
- ClassName: ' ' WindowName: '6'
- ClassName: '0' WindowName: '0'
- ClassName: 'Indicator' WindowName: ''
- ClassName: '54' WindowName: '6'
- ClassName: '54' WindowName: '384 3 255'
- ClassName: '8085158' WindowName: '123474 6'
- ClassName: ' 72 6 ' WindowName: '6'
- ClassName: '839 ' WindowName: '839 '
- ClassName: '946 ' WindowName: ' '
- ClassName: '7' WindowName: '3 '
- ClassName: ' 72 6 ' WindowName: '384 3 255'
- ClassName: '9666' WindowName: '901'