Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'SunJavaUpdateService' = 'c:\ProgramData\JavaUpdateService.exe'
- '<SYSTEM32>\wscript.exe' "<Текущая директория>\tem.vbs"
- 'C:\ProgramData\JavaUpdateService.exe'
- C:\ProgramData\libstdc++-6.dll
- C:\ProgramData\libgcc_s_seh-1.dll
- C:\ProgramData\libeay32.dll
- C:\ProgramData\libwinpthread-1.dll
- %TEMP%\3.tmp
- %TEMP%\2.tmp
- %TEMP%\1.tmp
- C:\ProgramData\libcurl.dll
- C:\ProgramData\tmp.bin
- C:\ProgramData\unrar.dll
- C:\ProgramData\JavaUpdateService.exe
- <Текущая директория>\tem.vbs
- C:\ProgramData\zlib1.dll
- C:\ProgramData\ssleay32.dll
- C:\ProgramData\Mrolsmic.exe
- <Текущая директория>\tem.vbs
- %TEMP%\3.tmp
- %TEMP%\2.tmp
- %TEMP%\1.tmp
- C:\ProgramData\Mrolsmic.exe в C:\ProgramData\SVCH0ST.EXE
- ClassName: 'Shell_TrayWnd' WindowName: ''