Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Microsoft Update' = '%APPDATA%\hostService1.exe'
- '%TEMP%\p.exe'
- '%APPDATA%\hostService1.exe'
- '%TEMP%\sefw.exe' x "%TEMP%\bhkoy.7z" -pbcbfocsmbo -o"%TEMP%\" -aoa
- '%TEMP%\nksdgnxf.exe'
- %TEMP%\nsw2.tmp\ExecDos.dll
- %TEMP%\p.exe
- %APPDATA%\hostService1.exe
- %TEMP%\nksdgnxf.exe
- %TEMP%\sefw.exe
- %TEMP%\bhkoy.7z
- %TEMP%\nsw2.tmp\ExecDos.dll
- ClassName: '(null)' WindowName: 'Rocketfuel Installer - Xvid Player'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'