Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'zamanatifotto' = '%APPDATA%\zamanatifottotutto.exe'
- %APPDATA%\zamanatifottotutto.exe
- %TEMP%\~DF3224.tmp
- %TEMP%\~DF30F5.tmp
- %TEMP%\~DF30F5.tmp
- %TEMP%\~DF3224.tmp
- ClassName: 'Shell_TrayWnd' WindowName: ''