Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'FreshZone' = '"%ProgramFiles%\Internet Explorer\iexplore.exe" "https://goo.gl/QC8Xu3"'
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\SystemInternet.lnk
- %TEMP%\7ZipSfx.000\Congratulations.vbs
- %TEMP%\7ZipSfx.000\2RIS1-HPaFZ.exe
- %TEMP%\7ZipSfx.000\PAPL-By-2RIS1.exe
- %ALLUSERSPROFILE%\FreshZone.ico
- %ALLUSERSPROFILE%\System.reg
- %TEMP%\7ZipSfx.000\Congratulations.vbs
- %TEMP%\7ZipSfx.000\2RIS1-HPaFZ.exe
- %TEMP%\7ZipSfx.000\PAPL-By-2RIS1.exe
- %ALLUSERSPROFILE%\FreshZone.ico
- %ALLUSERSPROFILE%\System.reg
- %ALLUSERSPROFILE%\System.reg
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- '%TEMP%\7ZipSfx.000\2RIS1-HPaFZ.exe'
- '%TEMP%\7ZipSfx.000\PAPL-By-2RIS1.exe'
- '%WINDIR%\regedit.exe' /S System.reg