Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\Pre-Setting 261qUVik.lnk
- '<SYSTEM32>\wscript.exe' "%TEMP%\order_ئلرU.vbs"
- '<SYSTEM32>\wscript.exe' "%TEMP%\order_ءgjش.vbs"
- '<SYSTEM32>\wscript.exe' "%TEMP%\order_GتH.vbs"
- '<SYSTEM32>\wscript.exe' "%TEMP%\order_sLةش.vbs"
- '<SYSTEM32>\wscript.exe' "%TEMP%\order_шHثu.vbs"
- '<SYSTEM32>\wscript.exe' "%TEMP%\order_гX.vbs"
- '<SYSTEM32>\wscript.exe' "%TEMP%\order_tغg.vbs"
- '<SYSTEM32>\wscript.exe' "%TEMP%\order_аش.vbs"
- '<SYSTEM32>\ping.exe' -n 1 www.google.com
- '%WINDIR% Update\IBh\dwn_WEu.exe'
- '%WINDIR% Update\IBh\dwn_tCLxPM.exe'
- %TEMP%\order_ءgjش.vbs
- %WINDIR% Update\IBh\tik_RgGj.txt
- %TEMP%\order_tغg.vbs
- %TEMP%\order_ئلرU.vbs
- %TEMP%\order_GتH.vbs
- %TEMP%\order_sLةش.vbs
- %WINDIR% Update\IBh\tik_pCqL.txt
- %WINDIR% Update\IBh\tik_jlYM.txt
- %WINDIR% Update\IBh\wbs.txt
- %WINDIR% Update\wbs.txt
- %WINDIR% Update\sign231.txt
- %WINDIR% Update\IBh\dwn_tCLxPM.exe
- %TEMP%\order_аش.vbs
- %TEMP%\order_шHثu.vbs
- %TEMP%\order_гX.vbs
- %WINDIR% Update\IBh\dwn_tCLxPM.exe в %WINDIR% Update\IBh\dwn_WEu.exe
- DNS ASK www.google.com
- ClassName: 'Shell_TrayWnd' WindowName: ''