Техническая информация
- %APPDATA%\microsoft\windows\start menu\programs\startup\logonui.lnk
- %WINDIR%\explorer.exe
- %WINDIR%\syswow64\help.exe
- %WINDIR%\syswow64\wuapp.exe
- %WINDIR%\syswow64\cmd.exe
- %WINDIR%\syswow64\netsh.exe
- %WINDIR%\syswow64\napstat.exe
- %WINDIR%\syswow64\msiexec.exe
- %WINDIR%\syswow64\rundll32.exe
- %WINDIR%\syswow64\cmstp.exe
- iexplore.exe
- firefox.exe
- Процесс iexplore.exe, модуль wininet.dll
- Процесс firefox.exe, модуль nss3.dll
- %WINDIR%\syswow64\autofmt.exe
- %WINDIR%\syswow64\autochk.exe
- C:\vclahfwh\logonui\appxapplicabilityblob.scr
- DNS ASK gr####ulpharms.com
- DNS ASK ke##bin.com
- '%WINDIR%\syswow64\help.exe'
- '%WINDIR%\syswow64\cmd.exe' del "<Полный путь к файлу>"
- '%WINDIR%\syswow64\wuapp.exe'
- '%WINDIR%\syswow64\cmd.exe'
- '%WINDIR%\syswow64\netsh.exe'
- '%WINDIR%\syswow64\napstat.exe'
- '%WINDIR%\syswow64\msiexec.exe'
- '%WINDIR%\syswow64\rundll32.exe'
- '%WINDIR%\syswow64\cmstp.exe'
- '%WINDIR%\syswow64\svchost.exe'
- '%WINDIR%\syswow64\wscript.exe'
- '%WINDIR%\syswow64\colorcpl.exe'