Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = '%TEMP%\SYVDGSPh\FUPBgXIf.exe'
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe'
- '%APPDATA%\eUfBSgPAdQ.exe'
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
- %TEMP%\64F4EA4C8142CAC73E06647D59A699D1.dll
- %TEMP%\bassmod.dll
- %TEMP%\C5E3399ED9A072FE864748D49BA96094.dll
- %TEMP%\SYVDGSPh\FUPBgXIf.exe
- %TEMP%\Visitor -BRK-.FON
- %TEMP%\dup2patcher.dll
- %TEMP%\MCDMiIZMgC.Za
- %TEMP%\aut1.tmp
- %TEMP%\aut2.tmp
- %APPDATA%\eUfBSgPAdQ.exe
- %TEMP%\gehNGLbgaNe.gehN
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
- ClassName: 'Shell_TrayWnd' WindowName: ''