Техническая информация
Запись в реестре, обеспечивающая автозапуск (ключ Run):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Babylon' = '<SYSTEM32>\Babylon.exe'
Запускаемые команды (attrib с ключами +h +s присваивает файлу атрибуты «скрытый» и «системный»):
- '<SYSTEM32>\attrib.exe' +h +s "%WINDIR%\regedit.exe"
- '<SYSTEM32>\attrib.exe' +h +s "<SYSTEM32>\msconfig.exe"
- '<SYSTEM32>\attrib.exe' +h +s "<SYSTEM32>\Babylon.exe"
- '<SYSTEM32>\cmd.exe' /c ""<SYSTEM32>\v.bat" "
- '<SYSTEM32>\attrib.exe' +h +s "<SYSTEM32>\v.bat"
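Файлы, фигурирующие в отчёте (два списка ниже совпадают по составу; их заголовки в этом фрагменте отсутствуют):
- <SYSTEM32>\Babylon.exe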
- <SYSTEM32>\v.bat
- %TEMP%\AutoItX3.dll
- %TEMP%\7F2DD7DF.nbp
- <SYSTEM32>\Babylon.exe
- <SYSTEM32>\v.bat
- %TEMP%\7F2DD7DF.nbp
- %TEMP%\AutoItX3.dll
Окна (класс и заголовок):
- ClassName: 'MS_WINHELP' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'