Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '<Имя вируса>' = '%PROGRAM_FILES%\Mypi\Ufwl.exe /<Имя вируса>'
- '%TEMP%\is-D6GJE.tmp\is-HS9UD.tmp' /SL4 $100EC %TEMP%\Yunk216\EBGSoftSetup_V8.0820.exe 1647697 51200
- '%TEMP%\Yunk216\EBGSoftSetup_V8.0820.exe'
- %TEMP%\is-D6GJE.tmp\is-HS9UD.tmp
- %TEMP%\is-NM2UM.tmp\_shfoldr.dll
- %TEMP%\is-NM2UM.tmp\_isdecmp.dll
- %TEMP%\Yunk216\EBGSoftSetup_V8.0820.exe
- %CommonProgramFiles%\System\Ole DB\MSPat.xml
- %PROGRAM_FILES%\Mypi\Adab.exe
- %PROGRAM_FILES%\Mypi\Ufwl.exe
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'