Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '*sNS6IVY' = ''
- <SYSTEM32>\rundll32.exe ""%HOMEPATH%\Local Settings\W9RAtU4s\bLEKmVft.2EY"",HFF8
- <SYSTEM32>\cscript.exe
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\ctfmon.exe
- <SYSTEM32>\rundll32.exe
- %HOMEPATH%\Local Settings\W9RAtU4s\evtf2dQG.Lt3
- %HOMEPATH%\Local Settings\W9RAtU4s\Lgcbnme-.pcF
- %HOMEPATH%\Local Settings\W9RAtU4s\AdpUNLAV_WLAWrr_V_V9ViAiVoV.M42
- %HOMEPATH%\Local Settings\W9RAtU4s\AdpUNLAV_ALAWrr_V_V9WgNN_iu.M42
- %HOMEPATH%\Local Settings\W9RAtU4s\r7pi10Ig.Ppa
- %HOMEPATH%\Local Settings\W9RAtU4s\bLEKmVft.2EY
- %HOMEPATH%\Local Settings\W9RAtU4s\lRvzriSN.6vp
- %HOMEPATH%\Local Settings\W9RAtU4s\UtrD5uO6.Er1
- ClassName: 'Indicator' WindowName: ''