Техническая информация
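- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] '{C54C4AFB-8A2A-6C1E-BA41-C20F02444412}' = '' (ключ ShellExecuteHooks: COM-объект с указанным CLSID загружается оболочкой Windows при вызовах ShellExecute, то есть запись служит для автозапуска; при проверке системы стоит также посмотреть раздел InprocServer32 этого CLSID, где указан путь к загружаемой библиотеке)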
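- <SYSTEM32>\rundll32.exe "%TEMP%\\oowwwwwww.dl#" jjjswe478x (написание пути сохранено как в исходной записи; вероятно, имеется в виду файл %TEMP%\oowwwwwww.dll из списка ниже)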
- <SYSTEM32>\rundll32.exe "%TEMP%\nvphelper.dat,set"
- %TEMP%\6ydcax
- %TEMP%\oowwwwwww.dll
- %TEMP%\xjhzb360s.dll
- %TEMP%\360s.exe
- %TEMP%\360up.exe
- %TEMP%\360saf.exe
- %TEMP%\nvphelper.dat
- %TEMP%\xjhzb360s.dll
- %TEMP%\360s.exe
- %TEMP%\360saf.exe
- %TEMP%\360up.exe
- ClassName: 'D3D Window' WindowName: 'YB_OnlineClient'
- ClassName: '#32770' WindowName: 'Yulgang_File_Update'