Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'lphzn' = '%HOMEPATH%\lphzn\54529.vbs'
- %HOMEPATH%\Start Menu\Programs\Startup\start.lnk
- '%HOMEPATH%\lphzn\AudioDrivers.exe.exe' yRW14p1j.RWZ
- '<SYSTEM32>\taskkill.exe' /IM mshta.exe
- '<SYSTEM32>\mshta.exe'
- '<SYSTEM32>\wscript.exe' "%HOMEPATH%\lphzn\2583piRrx5.vbs"
- %HOMEPATH%\lphzn\96g8Ac1lb.DRX
- %HOMEPATH%\lphzn\66297.cmd
- %HOMEPATH%\lphzn\54529.vbs
- %HOMEPATH%\lphzn\yRW14p1j.RWZ
- %HOMEPATH%\lphzn\1p4xbT60T8nW.OOE
- %HOMEPATH%\lphzn\AudioDrivers.exe.exe
- %HOMEPATH%\lphzn\2583piRrx5.vbs
- %HOMEPATH%\Start Menu\Programs\Startup\start.lnk
- %HOMEPATH%\lphzn\96g8Ac1lb.DRX
- %HOMEPATH%\lphzn\66297.cmd
- %HOMEPATH%\lphzn\54529.vbs
- %HOMEPATH%\lphzn\AudioDrivers.exe.exe
- %HOMEPATH%\lphzn\1p4xbT60T8nW.OOE
- %HOMEPATH%\lphzn\yRW14p1j.RWZ
- %HOMEPATH%\lphzn\2583piRrx5.vbs
- %HOMEPATH%\Start Menu\Programs\Startup\start.lnk
- ClassName: '(null)' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'