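Техническая информация
Ниже перечислены индикаторы, связанные с образцом: запись в реестре, командные строки и пути к файлам. Подзаголовки категорий в этом тексте не сохранились, поэтому роль каждого пути (создан, запущен, изменён, удалён) по одному списку однозначно не определяется; повторяющиеся пути, по-видимому, относились к разным категориям.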
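- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] '{60A345CD-ABCD-EFAB-CDEF-ABCD01020306}' = 'pqzfajke.dll'
  (Запись в ShellExecuteHooks регистрирует COM-объект с указанным CLSID как обработчик оболочки Windows. Такие обработчики загружаются оболочкой, поэтому ключ служит механизмом автозапуска; при проверке системы стоит сверять CLSID в этом ключе с известными легитимными.)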
- '<SYSTEM32>\dazfajke.exe'
- '<SYSTEM32>\cmd.exe' /c %TEMP%\~DFD324734.bat
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\dazfajke.exe
- %TEMP%\~DFD324734.bat
- <SYSTEM32>\dtzfajke.sys
- <SYSTEM32>\pqzfajke.dll
- <SYSTEM32>\dtzfajke.sys
- <SYSTEM32>\pqzfajke.dll
- <SYSTEM32>\dazfajke.exe