Техническая информация
- '%WINDIR%\BJ.exe'
- '%WINDIR%\CC7CDE45.exe'
- '%WINDIR%\545E8EB0.exe'
- '<SYSTEM32>\wbem\scrcons.exe' -Embedding
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wscript.exe' "c:\77D79334.vbs"
- '<SYSTEM32>\taskkill.exe' /f /im KSafeTray.exe
- '<SYSTEM32>\cmd.exe' /c afc9fe2f418b00a0.bat
- <SYSTEM32>\NOD32.ini
- %WINDIR%\BJ.exe
- C:\77D79334.vbs
- %WINDIR%\RCX2.tmp
- %WINDIR%\CC7CDE45.exe
- C:\1.INI
- %WINDIR%\545E8EB0.exe
- %WINDIR%\RCX1.tmp
- %WINDIR%\BF.ini
- <Текущая директория>\afc9fe2f418b00a0.bat
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- <Текущая директория>\1.INI
- %WINDIR%\545E8EB0.exe
- %WINDIR%\CC7CDE45.exe
- %WINDIR%\RCX2.tmp в %WINDIR%\CC7CDE45.exe
- C:\1.INI в <Текущая директория>\1.INI
- %WINDIR%\RCX1.tmp в %WINDIR%\545E8EB0.exe
- ClassName: '' WindowName: '??????????????'
- ClassName: '' WindowName: 'ИрРЗіМРтЙэј¶ЦР'
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''