Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'vvljynftko' = '"%APPDATA%\vvljynftko.exe"'
- %HOMEPATH%\Start Menu\Programs\Startup\vvljynftko.vbs
- '%WINDIR%\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe' "%APPDATA%\vvljynftko.exe" iBKcNfHndb WVGdthjcXJ
- '%WINDIR%\explorer.exe'
- '%TEMP%\RarSFX0\Eyykss.exe'
- %WINDIR%\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
- %TEMP%\RarSFX0\Tesvxamvenagxehd.xml
- %APPDATA%\vvljynftko.exe
- %TEMP%\RarSFX0\Eyykss.exe
- %TEMP%\RarSFX0\Emigrmkwhr.png
- %TEMP%\RarSFX0\Eyykss.exe
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''