Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'Avihabat' = '{0F64D4B2-A13E-4476-8E5E-62797AD509C6}'
- <SYSTEM32>\svrucfat\dlgocmid\svridw32.dll
- <SYSTEM32>\conawhex.dll
- %TEMP%\_is137796.ini
- <SYSTEM32>\svrafusb.dll
- <SYSTEM32>\tmpobdir.dll
- %TEMP%\UUU2.tmp
- %TEMP%\UUU1.tmp
- %TEMP%\UUU3.tmp
- <SYSTEM32>\kbdufweb32.dll
- %TEMP%\UUU3.tmp
- %TEMP%\_is137796.ini
- %TEMP%\UUU1.tmp
- %TEMP%\UUU2.tmp