Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ctfmon.exe' = '%WINDIR%\B2022.Exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ctfmon.exe' = '%WINDIR%\C2033.Exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ctfmon.exe' = '<Полный путь к вирусу>'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ctfmon.exe' = '%WINDIR%\A2011.Exe'
- %WINDIR%\C2033.Exe
- %WINDIR%\B2022.Exe
- %WINDIR%\A2011.Exe
- <SYSTEM32>\ctfmon.exe
- %WINDIR%\B2022.Exe
- %WINDIR%\C2033.Exe
- %WINDIR%\A2011.Exe
- %TEMP%\~DF324A.tmp
- %TEMP%\~DF3C90.tmp
- %TEMP%\~DF4131.tmp
- %TEMP%\~DF20A0.tmp
- %TEMP%\~DF1F43.tmp
- %TEMP%\~DF1EFF.tmp
- %TEMP%\~DF3C42.tmp
- %TEMP%\~DF77AD.tmp
- %TEMP%\~DF820F.tmp
- %TEMP%\~DF5A48.tmp
- %TEMP%\~DF7C68.tmp
- %TEMP%\~DF5AF4.tmp
- %TEMP%\~DF67A5.tmp
- %TEMP%\~DF75DF.tmp
- %TEMP%\~DF5F81.tmp
- %TEMP%\~DF199E.tmp
- %TEMP%\~DFC171.tmp
- %TEMP%\~DFCA8F.tmp
- %TEMP%\~DFFDBD.tmp
- %TEMP%\~DFADE4.tmp
- %TEMP%\~DF41DD.tmp
- %TEMP%\~DF5362.tmp
- %TEMP%\~DFAD18.tmp
- %TEMP%\~DFE72A.tmp
- %TEMP%\~DF25B.tmp
- %TEMP%\~DF3AF.tmp
- %TEMP%\~DF48A0.tmp
- %TEMP%\~DFFE6F.tmp
- %TEMP%\~DFDE69.tmp
- %TEMP%\~DFE4EC.tmp
- %TEMP%\~DFE843.tmp
- ClassName: 'Indicator' WindowName: ''