Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'lctvn' = '%HOMEPATH%\lctvn\73234.vbs'
- '%HOMEPATH%\lctvn\WindowsRegistry32.exe' jNJXPe
- '<SYSTEM32>\taskkill.exe' /IM mshta.exe
- '<SYSTEM32>\mshta.exe'
- %HOMEPATH%\lctvn\IAXkAQm.ELK
- %HOMEPATH%\lctvn\91987.cmd
- %HOMEPATH%\lctvn\73234.vbs
- %HOMEPATH%\lctvn\caZFRlECh.QZB
- %HOMEPATH%\lctvn\WindowsRegistry32.exe
- %HOMEPATH%\lctvn\jNJXPe
- %HOMEPATH%\lctvn\IAXkAQm.ELK
- %HOMEPATH%\lctvn\73234.vbs
- %HOMEPATH%\lctvn\91987.cmd
- %HOMEPATH%\lctvn\caZFRlECh.QZB
- %HOMEPATH%\lctvn\WindowsRegistry32.exe
- %HOMEPATH%\lctvn\jNJXPe
- ClassName: '(null)' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'