Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'oPi77Dv' = '%HOMEPATH%\pId56Ax\svchost.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\lsass.exe
- '%HOMEPATH%\Start Menu\Programs\Startup\lsass.exe'
- <SYSTEM32>\cscript.exe
- %TEMP%\aut2.tmp
- %HOMEPATH%\qCn60Xz.TC4
- %TEMP%\aut1.tmp
- %HOMEPATH%\qCn60Xz.TC4
- %TEMP%\aut2.tmp
- %HOMEPATH%\qCn60Xz.TC4
- %TEMP%\aut1.tmp
- DNS ASK jo####nolds.info