Техническая информация
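- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'Vgawimov' = '{73843279-E47A-411F-AEFE-CE6A8CCBD7DF}' (запись автозапуска: COM-объекты, указанные в этом ключе по CLSID, загружаются процессом explorer.exe при старте оболочки Windows)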
- <SYSTEM32>\bmpelctl.dll
- <SYSTEM32>\ceracurl.dll
- <SYSTEM32>\miditui.dll
- %TEMP%\_is119781.ini
- <SYSTEM32>\uricedat.dll
- %TEMP%\UUU2.tmp
- %TEMP%\UUU1.tmp
- <SYSTEM32>\chkogbot32.dll
- <SYSTEM32>\batebuni.dll
- %TEMP%\UUU3.tmp
- %TEMP%\UUU3.tmp
- %TEMP%\_is119781.ini
- %TEMP%\UUU1.tmp
- %TEMP%\UUU2.tmp