Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\vc.lnk
- 'C:\Users\Default\AppData\Roaming\vc.exe'
- '%TEMP%\1234.exe' -pjGfrhgdfgiIetcnvjhdgWkogjwwn -dC:\Users\Default\AppData\Roaming
- '%TEMP%\ss.exe'
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\ztmp\t24664.bat" "C:\Users\Default\AppData\Roaming\vc.exe" "
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\ztmp\t5730.bat" "%TEMP%\ss.exe" "
- C:\Users\Default\AppData\Roaming\vcreditx64.exe
- C:\Users\Default\AppData\Roaming\vc.exe
- %TEMP%\ztmp\t24713.exe
- %TEMP%\ztmp\t24664.bat
- %TEMP%\ss.exe
- %TEMP%\1234.exe
- %TEMP%\ztmp\t5782.exe
- %TEMP%\ztmp\t5730.bat
- C:\Users\Default\AppData\Roaming\vc.exe
- C:\Users\Default\AppData\Roaming\vcreditx64.exe
- %TEMP%\1234.exe
- %TEMP%\ss.exe
- %TEMP%\ztmp\t5782.exe
- %TEMP%\ztmp\t5730.bat
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''