Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '*kDysER8' = ''
- <SYSTEM32>\rundll32.exe ""%HOMEPATH%\Local Settings\DTKe92GF\HBwXLW2C.Eth"",HFF8
- <SYSTEM32>\cscript.exe
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\ctfmon.exe
- <SYSTEM32>\rundll32.exe
- %HOMEPATH%\Local Settings\DTKe92GF\zu3iGEzx-zEzl22-xWGIx2mYxcd.KS5
- %HOMEPATH%\Local Settings\DTKe92GF\zu3iGEzx-lEzl22-xWGIWR-x2d2.KS5
- %HOMEPATH%\Local Settings\DTKe92GF\kFTUR56H.vNo
- %HOMEPATH%\Local Settings\DTKe92GF\HBwXLW2C.Eth
- %HOMEPATH%\Local Settings\DTKe92GF\aqHdthE_.r6j
- ClassName: 'Indicator' WindowName: ''