Technical information
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 'AppInit_DLLs' = '%ALLUSERSPROFILE%\Application Data\Mozilla\oemhiti.dll'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 'LoadAppInit_DLLs' = '00000001'
- %WINDIR%\tasks\iexoatm.job
- %ALLUSERSPROFILE%\Application Data\mozilla\pgvlfnj.exe
- %ALLUSERSPROFILE%\Application Data\mozilla\oemhiti.dll
- '%ALLUSERSPROFILE%\Application Data\mozilla\pgvlfnj.exe' Data\Mozilla\pgvlfnj.exe -frgeqni
- '%ALLUSERSPROFILE%\Application Data\mozilla\pgvlfnj.exe' Data\Mozilla\pgvlfnj.exe -frgeqni' (with a hidden window)