Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '1e6f17d9' = '%APPDATA%\1e6f17d9.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '1e6f17d' = 'C:\1e6f17d9\1e6f17d9.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\1e6f17d9.exe
- [<HKLM>\SYSTEM\ControlSet001\Services\SystemUpdate] 'ImagePath' = '%WINDIR%\FrameworkUpdate\Update.exe'
- '%WINDIR%\explorer.exe'
- '%WINDIR%\FrameworkUpdate\Update.exe'
- '%TEMP%\2.tmp'
- '%TEMP%\3.tmp'
- %WINDIR%\explorer.exe
- %APPDATA%\1e6f17d9.exe
- %APPDATA%\麽鎒駓覜
- %WINDIR%\FrameworkUpdate\Update.exe
- %TEMP%\2.tmp
- %TEMP%\3.tmp
- C:\1e6f17d9\1e6f17d9.exe
- %APPDATA%\麽鎒駓覜