Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'WindowsUpdate' = '%HOMEPATH%\MMGWW\SPNEQ.vbs'
- '%HOMEPATH%\MMGWW\WTSDU.exe' %HOMEPATH%\MMGWW\BTYBA
- '%HOMEPATH%\MMGWW\WTSDU.exe' %HOMEPATH%\MMGWW\VPINN
- '<SYSTEM32>\rundll32.exe' dfdts.dll,DfdGetDefaultPolicyAndSMART
- '<SYSTEM32>\WScript.exe' "%HOMEPATH%\MMGWW\SPNEQ.vbs"
- %HOMEPATH%\MMGWW\WTSDU.exe
- %HOMEPATH%\MMGWW\SPNEQ.vbs
- %HOMEPATH%\MMGWW\spd
- %HOMEPATH%\MMGWW\BTYBA
- %HOMEPATH%\MMGWW\STDQA
- %HOMEPATH%\MMGWW\JTDQV
- %HOMEPATH%\MMGWW\VPINN
- %HOMEPATH%\MMGWW\YMQGIX
- %HOMEPATH%\MMGWW\VPINN
- %HOMEPATH%\MMGWW\WTSDU.exe
- %HOMEPATH%\MMGWW\BTYBA
- ClassName: 'EDIT' WindowName: '(null)'