Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'bIKEMRFe' = '%APPDATA%\FgQSUQLf\RWXhcPRg.exe'
- %APPDATA%\FgQSUQLf\RWXhcPRg.exe
- %TEMP%\ZDAhIXeEVd.U
- %TEMP%\aut1.tmp
- %TEMP%\aut1.tmp
- ClassName: 'Shell_TrayWnd' WindowName: ''