Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'produpd' = '"%APPDATA%\VDI\Shared\Product Updater\produpd.exe" '
- %HOMEPATH%\Start Menu\Programs\Startup\monhost.lnk
- %APPDATA%\VDI\Shared\Product Updater\329992d0996410d26ee27064f255c8d0.exe
- %APPDATA%\VDI\Shared\Product Updater\d002c229a25154d6e18f348ef8a92891.exe
- %TEMP%\nsb2.tmp
- %APPDATA%\VDI\Shared\Product Updater\329992d0996410d26ee27064f255c8d0.exe в %APPDATA%\VDI\Shared\Product Updater\monhost.exe
- %APPDATA%\VDI\Shared\Product Updater\d002c229a25154d6e18f348ef8a92891.exe в %APPDATA%\VDI\Shared\Product Updater\produpd.exe