Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'FlashPlugins' = 'wscript "%APPDATA%\Adobe\Flash Player\Plugins\invis.vbs" "%APPDATA%\Adobe\Flash Player\Plugins\bat.bat"'
- %APPDATA%\Adobe\Flash Player\Plugins\igfxpers.exe
- <SYSTEM32>\reg.exe add HKCU\software\microsoft\windows\currentversion\run /v FlashPlugins /d "wscript \"%APPDATA%\Adobe\Flash Player\Plugins\invis.vbs\" \"%APPDATA%\Adobe\Flash Player\Plugins\bat.bat\"" /f
- <SYSTEM32>\cmd.exe /c ""%APPDATA%\Adobe\Flash Player\Plugins\bat.bat" "
- <SYSTEM32>\wscript.exe "%APPDATA%\Adobe\Flash Player\Plugins\invis.vbs" "%APPDATA%\Adobe\Flash Player\Plugins\bat.bat"
- %APPDATA%\Adobe\Flash Player\Plugins\libcurl.dll
- %APPDATA%\Adobe\Flash Player\Plugins\pthreadGC2.dll
- %APPDATA%\Adobe\Flash Player\Plugins\invis.vbs
- %APPDATA%\Adobe\Flash Player\Plugins\bat.bat
- %APPDATA%\Adobe\Flash Player\Plugins\igfxpers.exe
- 'l5.###runnet.org':9327
- DNS ASK l5.###runnet.org
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''