Техническая информация
- <SYSTEM32>\wscript.exe "%PROGRAM_FILES%\rhv\rhv\no111111111ri.vbs"
- <SYSTEM32>\cmd.exe /c ""%PROGRAM_FILES%\rhv\rhv\na1111111111111ki.bat" "
- %PROGRAM_FILES%\rhv\rhv\no111111111ri.vbs
- %PROGRAM_FILES%\rhv\rhv\na1111111111111ki.bat
- %HOMEPATH%\Recent\rhv.lnk
- %HOMEPATH%\Recent\no111111111ri.lnk
- %PROGRAM_FILES%\rhv\rhv\kokolok.txt
- %TEMP%\$inst\2.tmp
- <SYSTEM32>\wbem\Performance\WmiApRpl_new.ini
- %PROGRAM_FILES%\rhv\rhv\kust.txt
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- '94.##9.188.143':9007
- 'localhost':1036
- ClassName: 'Shell_TrayWnd' WindowName: ''