Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'FileSystemChecking' = '"<LS_APPDATA>\bbbx.exe"'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = 'Explorer.exe "<LS_APPDATA>\bbbx.exe"'
- %HOMEPATH%\Start Menu\Programs\Startup\Micrоsоft Оffice.exe
- '<LS_APPDATA>\bbby.exe' /Y
- '<LS_APPDATA>\bbbx.exe' /X
- ClassName: 'AVP.AlertDialog' WindowName: ''
- <LS_APPDATA>\bbby.exe
- <LS_APPDATA>\bbbx.exe
- %HOMEPATH%\Start Menu\Programs\Startup\Micrоsоft Оffice.exe
- <LS_APPDATA>\bbby.exe
- <LS_APPDATA>\bbbx.exe
- <LS_APPDATA>\bbby.exe
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'tBBB' WindowName: 'BigBadBagX'
- ClassName: 'PCHShell Window' WindowName: '?????????????? ???????'
- ClassName: 'tBBB' WindowName: 'BigBadBagY'