Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'iTrusUKEY' = '%ProgramFiles%\iTrus\iTrus.exe /S'
- %TEMP%\nsu2.tmp
- %TEMP%\nse3.tmp\UserInfo.dll
- %TEMP%\nse3.tmp\System.dll
- %TEMP%\nse3.tmp\FindProcDLL.dll
- %ProgramFiles%\iTrus\iTrus.exe
- %ProgramFiles%\iTrus\itrusbrowser.dll
- %ProgramFiles%\iTrus\libcrypto-1_1.dll
- %ProgramFiles%\iTrus\libssl-1_1.dll
- <SYSTEM32>\itruscsputil.dll
- <SYSTEM32>\iTrusUI.dll
- %ProgramFiles%\iTrus\uninstall-itrusukey.exe
- %WINDIR%\МмНю¶Ь.ico
- %ALLUSERSPROFILE%\Start Menu\Programs\МмНю¶Ь\Жф¶Ї МмНю¶Ь.lnk
- %ALLUSERSPROFILE%\Start Menu\Programs\МмНю¶Ь\Р¶ФШ МмНю¶Ь.lnk
- %ALLUSERSPROFILE%\Desktop\МмНю¶Ь.lnk
- %TEMP%\a12345.dll
- %TEMP%\a12345.dll
- %TEMP%\nse3.tmp\FindProcDLL.dll
- %TEMP%\nse3.tmp\System.dll
- %TEMP%\nse3.tmp\UserInfo.dll
- ClassName: '#32770' WindowName: ''
- ClassName: '' WindowName: '??????-????????????????????????????'
- ClassName: '' WindowName: 'МмНю¶Ь-±±ѕ©МмНюµзЧУЙМОс·юОсУРПЮ№«Лѕ'