Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\enbavifil32] 'Startup' = 'WLEventStartup'
- %ALLUSERSPROFILE%\Application Data\Microsoft\MSIDL\~EFD2431013777.tmp
- %ALLUSERSPROFILE%\Application Data\Microsoft\MSIDL\~EFD1356113774.tmp
- <SYSTEM32>\Setup\enbavifil32.dll
- %ALLUSERSPROFILE%\Application Data\Microsoft\MSIDL\~EFD2431013777.tmp
- %ALLUSERSPROFILE%\Application Data\Microsoft\MSIDL\~EFD1356113774.tmp