Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = '%TEMP%\YBbWbSMD\FYdAYbRi.exe'
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe'
- '%APPDATA%\IEbAAeZgeV.exe'
- %TEMP%\bassmod.dll
- %TEMP%\dup2patcher.dll
- %TEMP%\YBbWbSMD\FYdAYbRi.exe
- %TEMP%\A1D76FF97175BF79025AB7AA1DDF0A2A.dll
- %APPDATA%\IEbAAeZgeV.exe
- %TEMP%\SUaVfQdWHS.eJ
- %TEMP%\aut1.tmp
- %TEMP%\IiEPMOGYGLC.CNVW
- %TEMP%\aut2.tmp
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
- ClassName: 'Shell_TrayWnd' WindowName: ''