Техническая информация
- '%WINDIR%\system\yukin.exe'
- '%WINDIR%\system\xygg.exe'
- '%WINDIR%\system\ybcj.exe'
- '<SYSTEM32>\ping.exe' 127.0.0.1 -n 3
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\system\run.bat" "
- '<SYSTEM32>\wscript.exe' "%WINDIR%\system\run.vbs"
- inbank-start-ff.exe
- %TEMP%\aut1.tmp
- %WINDIR%\system\svchost.exe
- %WINDIR%\system\config.ini
- %TEMP%\ntthtlx
- %TEMP%\aut2.tmp
- %TEMP%\xzvnqjg
- %WINDIR%\system\run.vbs
- %WINDIR%\system\run.bat
- %WINDIR%\system\yukin.exe
- %WINDIR%\system\ybcj.exe
- %WINDIR%\system\xygg.exe
- %WINDIR%\system\samlan.dll
- %TEMP%\aut2.tmp
- %TEMP%\ntthtlx
- %TEMP%\aut1.tmp
- %TEMP%\xzvnqjg
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'