Техническая информация
- '<SYSTEM32>\wscript.exe' "%TEMP%\shw.vbs"
- '<SYSTEM32>\wscript.exe' "%TEMP%\sh.vbs"
- '<SYSTEM32>\wscript.exe' "%TEMP%\tlf.js"
- '%TEMP%\wngll.exe'
- '%TEMP%\klmn.exe' -p5g2s5h9w8y -d%HOMEPATH%\Local Settings\Temp
- %TEMP%\shw.vbs
- %TEMP%\fasasd.dll
- %TEMP%\mshtml.dll
- %TEMP%\sh.vbs
- %TEMP%\klmn.exe
- %TEMP%\tlf.js
- %TEMP%\wngll.exe
- %TEMP%\klmn.exe
- %TEMP%\fasasd.dll
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''