Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'GKN Start' = '<SYSTEM32>\WKWHXN\GKN.exe'
- <SYSTEM32>\WKWHXN\GKN.exe
- Библиотека-обработчик для всех процессов: <SYSTEM32>\WKWHXN\GKN.001
- <SYSTEM32>\WKWHXN\GKN.001
- <SYSTEM32>\WKWHXN\GKN.004
- <SYSTEM32>\WKWHXN\GKN.002
- <SYSTEM32>\WKWHXN\GKN.exe
- <SYSTEM32>\WKWHXN\AKV.exe
- %ALLUSERSPROFILE%\Application Data\Ubi_Soft\100.00\Data\updates.dat
- %ALLUSERSPROFILE%\Application Data\Ubi_Soft\100.00\Data\app.dat
- %APPDATA%\Ubi_Soft\100.00\Data\dya.dat
- %ALLUSERSPROFILE%\Desktop:$SS_DESCRIPTOR_1BFCV9PTAV1JF8P3J7LSHFS45XVVPVTVVBVVVVT
- %ALLUSERSPROFILE%\Application Data\Ubi_Soft\100.00:$SS_DESCRIPTOR_1BFCV9PTAV1JF8P3J7LSHFS45XVVPVTVVBVVVVT
- ClassName: '' WindowName: 'AKLMW'