Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'l9iluky' = '%APPDATA%\sbsndmf\scbosh.exe'
- %APPDATA%\sbsndmf\scbosh.exe
- %TEMP%\ les.exe
- <SYSTEM32>\reg.exe import "%TEMP%\l9iluky._eg"
- <SYSTEM32>\cmd.exe /c "%TEMP%\va_bsmf.bat"
- <SYSTEM32>\cmd.exe /c "%TEMP%\l9iluky.bat"
- %TEMP%\l9iluky._eg
- %APPDATA%\sbsndmf\scbosh.exe
- %TEMP%\ms3810.tmp
- %TEMP%\va_bsmf.bat
- %TEMP%\ металл.doc
- %TEMP%\ les.exe
- %TEMP%\l9iluky.bat
- %TEMP%\l9iluky._eg
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'tooltips_class32' WindowName: ''
- ClassName: 'WordPadClass' WindowName: ''