Техническая информация
- '<SYSTEM32>\wscript.exe' "%TEMP%\xxocmepr\yexbpgim.vbs"
- '<SYSTEM32>\taskkill.exe' /im opera.exe /f /t
- '%TEMP%\xxocmepr\taskmgr.exe' a -r %USERNAME%_ora_30287.arj %APPDATA%\Opera\Opera\
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\xxocmepr\uridavlg.cmd" "
- '%TEMP%\TROJ_987.EXE'
- '<SYSTEM32>\notepad.exe' %TEMP%\xxocmepr\hqqrsvtp.txt
- opera.exe
- %TEMP%\xxocmepr\boaspybq.lst
- %TEMP%\xxocmepr\hqqrsvtp.txt
- %TEMP%\xxocmepr\mknmlvyd.bat
- %TEMP%\xxocmepr\svrjlfrb.ico
- %TEMP%\xxocmepr\olggpvkv.txt
- %TEMP%\xxocmepr\yexbpgim.vbs
- %TEMP%\TROJ_987.EXE
- %TEMP%\xxocmepr\reubnuet.jpg
- %TEMP%\xxocmepr\taskmgr.exe
- %TEMP%\xxocmepr\uridavlg.cmd
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''