Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'libcoco2dlll' = 'wscript.exe //B "%TEMP%\libcoco2dlll.vbs"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'libcoco2dlll' = 'wscript.exe //B "%TEMP%\libcoco2dlll.vbs"'
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\libcoco2dlll.vbs
- %HOMEPATH%\Start Menu\Programs\Startup\libcoco2dlll.vbs
- скрытых файлов
- '<SYSTEM32>\wscript.exe' "%TEMP%\libcoco2dlll.vbs"
- %TEMP%\SQLi Dumper 9.2.1 Cracked by CN$quad NextGenZ & Bleach.exe
- %TEMP%\libcoco2dlll.vbs
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\libcoco2dlll.vbs
- %HOMEPATH%\Start Menu\Programs\Startup\libcoco2dlll.vbs
- %WINDIR%\Temp\Perflib_Perfdata_7e8.dat
- %TEMP%\SQLi Dumper 9.2.1 Cracked by CN$quad NextGenZ & Bleach.exe
- %TEMP%\libcoco2dlll.vbs