Техническая информация
- [<HKLM>\SOFTWARE\Classes\PROTOCOLS\Filter\text/html] 'CLSID' = '{A8981DB9-B2B3-47D7-A890-9C9D9F4C5552}'
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\WinAccestor.exe
- %WINDIR%\Tasks\At1.job
- '%WINDIR%\WinAccestor.exe'
- '%TEMP%\aus1.exe'
- '<SYSTEM32>\wscript.exe' "%TEMP%\cs72AD.vbs"
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\regsvr32.exe' /s %WINDIR%\mf540.dll
- '<SYSTEM32>\wscript.exe' "%TEMP%\cs58E.vbs"
- %TEMP%\cs58E.vbs
- %TEMP%\cs72AD.vbs
- %WINDIR%\WinAccestor.exe
- %WINDIR%\mf540.dll
- %TEMP%\aus1.exe