Техническая информация
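- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'autoauto' = 'c.bat' (запись в ключе автозапуска Run; значение задано без полного пути — в списке ниже есть файл <SYSTEM32>\c.bat)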
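- '<SYSTEM32>\wscript.exe' "\Google\Chrome\User Data\Default\Extensions\a.vbs" "\Google\Chrome\User Data\Default\Preferences" "hcnoocjdgpaeliplnkbhbpccighjkeef" "bfcnflkdmlnlalbefllfaimhpppjgmkonbn" (оба пути в аргументах приведены без префикса каталога; ср. <LS_APPDATA>\Google\Chrome\User Data\Default\Extensions\a.vbs ниже. Второй аргумент — файл настроек профиля Chrome; третий по формату соответствует идентификатору расширения Chrome: 32 буквы из диапазона a–p)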
- '<SYSTEM32>\cmd.exe' /c "<LS_APPDATA>\Google\Chrome\User Data\Default\Extensions\zzz.bat"
- '<SYSTEM32>\taskkill.exe' /im chrome.exe
- <SYSTEM32>\lod1.vbs
- <SYSTEM32>\v.vbs
- <SYSTEM32>\c.bat
- C:\a\manifest.json
- C:\a\uplayermediaplayer-setup.exe
- C:\a\lpa.js
- C:\a\lp.js
- <LS_APPDATA>\Google\Chrome\User Data\Default\Extensions\zzz.bat
- <LS_APPDATA>\Google\Chrome\User Data\Default\Extensions\a.vbs
- <LS_APPDATA>\Google\Chrome\User Data\Default\Extensions\lp.crx
- %TEMP%\nsi2.tmp\System.dll
- <LS_APPDATA>\Google\Chrome\User Data\Default\Extensions\b.bat
- <LS_APPDATA>\Google\Chrome\User Data\Default\Extensions\fol.vbs
- <LS_APPDATA>\Google\Chrome\User Data\Default\Extensions\lod1.vbs
- <LS_APPDATA>\Google\Chrome\User Data\Default\Extensions\v.vbs
- ClassName: '(null)' WindowName: '(null)'
- ClassName: 'Chrome_WidgetWin_0' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'