Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows Update' = '%TEMP%\svhost.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'System Starter' = '%APPDATA%\Config\dropRe.exe'
- '%TEMP%\pockets.exe'
- '%TEMP%\svhost.exe'
- '%APPDATA%\Config\dropRe.exe'
- '%APPDATA%\install.exe'
- '%APPDATA%\K11KFA.exe'
- %TEMP%\pockets.exe
- %TEMP%\setting.jpg
- %TEMP%\svhost.exe
- %APPDATA%\Config\dropRe.exe
- %APPDATA%\install.exe
- %APPDATA%\K11KFA.exe
- %APPDATA%\Config\system_img.jpg
- %TEMP%\svhost.exe
- %TEMP%\setting.jpg
- %APPDATA%\Config\system_img.jpg
- %APPDATA%\install.exe
- %APPDATA%\Config\dropRe.exe
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''