Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\Pre-Setting 325qo.lnk
- '<SYSTEM32>\wscript.exe' "%TEMP%\order_عط.vbs"
- '<SYSTEM32>\wscript.exe' "%TEMP%\order_iфXG.vbs"
- '<SYSTEM32>\wscript.exe' "%TEMP%\order_sешع.vbs"
- '<SYSTEM32>\wscript.exe' "%TEMP%\order_iخBب.vbs"
- '<SYSTEM32>\wscript.exe' "%TEMP%\order_eT.vbs"
- '<SYSTEM32>\wscript.exe' "%TEMP%\order_ыгol.vbs"
- '<SYSTEM32>\wscript.exe' "%TEMP%\order_кحى.vbs"
- '<SYSTEM32>\wscript.exe' "%TEMP%\order_яс.vbs"
- '<SYSTEM32>\ping.exe' -n 1 www.google.com
- 'C:\Configration\QLP\dwn_qJ.exe'
- 'C:\Configration\QLP\dwn_BLq.exe'
- %TEMP%\order_iфXG.vbs
- C:\Configration\QLP\tik_pmKK.txt
- %TEMP%\order_кحى.vbs
- %TEMP%\order_عط.vbs
- %TEMP%\order_sешع.vbs
- %TEMP%\order_iخBب.vbs
- C:\Configration\QLP\tik_CDCksF.txt
- C:\Configration\QLP\tik_WsSZT.txt
- C:\Configration\QLP\wbs.txt
- C:\Configration\wbs.txt
- C:\Configration\sign231.txt
- C:\Configration\QLP\dwn_BLq.exe
- %TEMP%\order_яс.vbs
- %TEMP%\order_eT.vbs
- %TEMP%\order_ыгol.vbs
- C:\Configration\QLP\dwn_BLq.exe в C:\Configration\QLP\dwn_qJ.exe
- DNS ASK www.google.com
- ClassName: 'Shell_TrayWnd' WindowName: ''