Техническая информация
- <SYSTEM32>\wscript.exe "%PROGRAM_FILES%\_arh1\_arh1\no111111111ri.vbs"
- <SYSTEM32>\cmd.exe /c ""%PROGRAM_FILES%\_arh1\_arh1\na1111111111111ki.bat" "
- %PROGRAM_FILES%\_arh1\_arh1\no111111111ri.vbs
- %PROGRAM_FILES%\_arh1\_arh1\na1111111111111ki.bat
- %HOMEPATH%\Recent\_arh1.lnk
- %HOMEPATH%\Recent\no111111111ri.lnk
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- %PROGRAM_FILES%\_arh1\_arh1\kokolok.txt
- %PROGRAM_FILES%\_arh1\_arh1\kust.txt
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- '94.##9.188.143':9007
- 'localhost':1036
- ClassName: 'Shell_TrayWnd' WindowName: ''