Техническая информация
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'SBLSUF' = '<LS_APPDATA>\SBLSUF\SBLSUFR.vbs'
- %WINDIR%\syswow64\regsvr32.exe
- %APPDATA%\sblsufwie.exe
- %APPDATA%\sblsuf.bmp
- %HOMEPATH%\icq\sblsuf.ocx
- %TEMP%\787d.tmp
- %HOMEPATH%\yahoo\sblsufkss.exe
- %HOMEPATH%\icq\sblsuf.bmp
- <LS_APPDATA>\sblsuf\sblsufq.bat
- <LS_APPDATA>\sblsuf\sblsufr.vbs
- %HOMEPATH%\icq\sblsuf.ocx
- ClassName: 'EDIT' WindowName: ''
- '%APPDATA%\sblsufwie.exe'
- '%WINDIR%\syswow64\regsvr32.exe'