Техническая информация
- '%WINDIR%\Temp\miXrhYmwffSFfCP.exe'
- '%PROGRAM_FILES%\RevoUninProSetup X64.exe'
- '%WINDIR%\Temp\miXrhYmwffSFfCP.exe' (загружен из сети Интернет)
- '<SYSTEM32>\wscript.exe' "<SYSTEM32>\Full-Clean.vbs"
- %TEMP%\nsa2.tmp\LangDLL.dll
- %PROGRAM_FILES%\VS Revo Group Ltd\RevoUninPro 3.0.8.0\Uninstall.ini
- %WINDIR%\Temp\miXrhYmwffSFfCP.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\dll[1].exe
- %PROGRAM_FILES%\VS Revo Group Ltd\RevoUninPro 3.0.8.0\Uninstall.exe
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- %PROGRAM_FILES%\RevoUninProSetup X64.exe
- <SYSTEM32>\Full-Clean.vbs
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- 'www.we##ly.com':80
- 'localhost':1038
- www.we##ly.com/uploads/2/4/8/5/24853609/dll.exe
- DNS ASK www.we##ly.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'