Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '88568338' = '%ALLUSERSPROFILE%\Application Data\88568338\88568338.exe'
- '%ALLUSERSPROFILE%\Application Data\88568338\88568338.exe' Data\88568338\88568338.exe /i
- '<SYSTEM32>\cmd.exe' /c start %ALLUSERSPROFILE%\Application Data\88568338\88568338.exe /i
- '<SYSTEM32>\cmd.exe' /c ""%ALLUSERSPROFILE%\Application Data\88568338\88568338.bat" "
- %ALLUSERSPROFILE%\Application Data\88568338\88568338.bat
- %ALLUSERSPROFILE%\Application Data\88568338\88568338.exe
- '91.##8.60.146':80
- http://91.##8.60.146/set.php?ur##############################################################################
- ClassName: 'Shell_TrayWnd' WindowName: ''