Техническая информация
Записи реестра (значение в ключе Run обеспечивает автозапуск при входе в систему; значение 'Debugger' в Image File Execution Options приводит к тому, что при запуске taskmgr.exe вместо Диспетчера задач стартует указанный файл):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'phhi33' = '<SYSTEM32>\LKIMLBKIGBGJIIKHIBGHIJL\phhi33.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe] 'Debugger' = '<SYSTEM32>\LKIMLBKIGBGJIIKHIBGHIJL\phhi33.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'phhi33' = '<SYSTEM32>\LKIMLBKIGBGJIIKHIBGHIJL.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe] 'Debugger' = '<SYSTEM32>\LKIMLBKIGBGJIIKHIBGHIJL\services.exe'
- '<SYSTEM32>\LKIMLBKIGBGJIIKHIBGHIJL\phhi33.exe'
- '%HOMEPATH%\pietty\pietty.exe'
- <SYSTEM32>\LKIMLBKIGBGJIIKHIBGHIJL\phhi33.exe
- <SYSTEM32>\YXVZYOXVTOTWVVXUVOTUVWY\scservice.exe
- <SYSTEM32>\YXVZYOXVTOTWVVXUVOTUVWY\servicess.exe
- <SYSTEM32>\YXVZYOXVTOTWVVXUVOTUVWY\netdhcp.exe
- <SYSTEM32>\YXVZYOXVTOTWVVXUVOTUVWY\mirror.exe
- %HOMEPATH%\pietty\pietty.exe
- %HOMEPATH%\pietty\x64.cab
- %HOMEPATH%\pietty\x86.cab
- %HOMEPATH%\pietty\Config.ini
- %HOMEPATH%\pietty\pietty.sys
- %HOMEPATH%\pietty\Rar.exe
- <SYSTEM32>\YXVZYOXVTOTWVVXUVOTUVWY\mirror.exe
- <SYSTEM32>\YXVZYOXVTOTWVVXUVOTUVWY\netdhcp.exe
- <SYSTEM32>\YXVZYOXVTOTWVVXUVOTUVWY\servicess.exe
- <SYSTEM32>\YXVZYOXVTOTWVVXUVOTUVWY\scservice.exe
- <SYSTEM32>\LKIMLBKIGBGJIIKHIBGHIJL\phhi33.exe
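- DNS ASK cn#.##berdrill.my (DNS-запрос; символы «#» в имени домена, по-видимому, заменяют скрытые в отчёте символы, поэтому строка не годится как точный индикатор для блокировки или поиска в журналах)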
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''