Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\amd.exe
- '%HOMEPATH%\Start Menu\Programs\Startup\amd.exe'
- '%HOMEPATH%\Start Menu\Programs\Startup\amd.exe' (загружен из сети Интернет)
- '<SYSTEM32>\regsvr32.exe' /s "%APPDATA%\bhBrt.dll"
- '<SYSTEM32>\sc.exe' config wscsvc start= disabled
- %APPDATA%\bhBrt.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\tlbBRT[1].dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\k[1].exe
- '19#.#0.242.204':80
- 19#.#0.242.204/tlbBRT.dll
- 19#.#0.242.204/k.exe