Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'autorun_19831028_vip' = '"<SYSTEM32>\bedfegihkj.exe" -at'
- '<SYSTEM32>\bedfegihkj.exe' ok
- '<SYSTEM32>\wermgr.exe' -queuereporting
- <SYSTEM32>\bedfegihkj.exe
- <SYSTEM32>\bedfegihkj.exe
- ClassName: '#32770' WindowName: '?? ?? ??'