Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'tfnslopk' = '{D92E4E76-06FD-4878-BD2D-AFC9537777A0}'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'xokvrpwg' = '{F62D7D00-4341-459E-8ED4-983E96222736}'
- %TEMP%\ac8zt2\lnvegaow.exe reg
- %TEMP%\ac8zt2\edlb.exe resrb
- %TEMP%\ac8zt2\edlb.exe %WINDIR%\xokvrpwg.dll xokvrpwg
- %TEMP%\ac8zt2\edlb.exe %WINDIR%\tfnslopk.dll tfnslopk
- %WINDIR%\explorer.exe
- <SYSTEM32>\regsvr32.exe /s bgrqfetx.dll
- <SYSTEM32>\regsvr32.exe /s %WINDIR%\wnlmdakqlag.dll
- %WINDIR%\Explorer.EXE
- %WINDIR%\wnlmdakqlag.dll
- %WINDIR%\bgrqfetx.dll
- %WINDIR%\tfnslopk.dll
- %WINDIR%\xokvrpwg.dll
- %TEMP%\nsl3.tmp\System.dll
- %TEMP%\nsx4.tmp.bat
- %WINDIR%\edlb.exe
- %WINDIR%\lnvegaow.exe
- %TEMP%\ac8zt2\lnvegaow.exe
- %TEMP%\ac8zt2\bgrqfetx.dll
- %TEMP%\ac8zt2\edlb.exe
- %TEMP%\nsg2.tmp
- %TEMP%\nsl3.tmp\blowfish.dll
- %TEMP%\ac8zt2\tfnslopk.dll
- %TEMP%\ac8zt2\wnlmdakqlag.dll
- %TEMP%\ac8zt2\xokvrpwg.dll
- %TEMP%\ac8zt2\install.bat
- %TEMP%\ac8zt2\tfnslopk.dll
- %TEMP%\ac8zt2\wnlmdakqlag.dll
- %TEMP%\ac8zt2\xokvrpwg.dll
- %TEMP%\ac8zt2\lnvegaow.exe
- %TEMP%\ac8zt2\bgrqfetx.dll
- %TEMP%\ac8zt2\edlb.exe
- %TEMP%\ac8zt2\install.bat