Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'dwnrpofk' = '{37A9B101-56A8-4575-98EB-A90B763720E7}'
- %TEMP%\ac8zt2\eolm.exe %WINDIR%\dwnrpofk.dll dwnrpofk
- <SYSTEM32>\regsvr32.exe /s %WINDIR%\kdftlboesap.dll
- <SYSTEM32>\regsvr32.exe /s qvdntlmw.dll
- %WINDIR%\qvdntlmw.dll
- %TEMP%\ac8zt2\eolm.exe
- %TEMP%\ac8zt2\vbgtorfd.dll
- %WINDIR%\kdftlboesap.dll
- %WINDIR%\dwnrpofk.dll
- %WINDIR%\norlatmx.exe
- %WINDIR%\vbgtorfd.dll
- %TEMP%\ac8zt2\qvdntlmw.dll
- %TEMP%\nse3.tmp\blowfish.dll
- %TEMP%\nse2.tmp
- %TEMP%\ac8zt2\install.bat
- %TEMP%\ac8zt2\norlatmx.exe
- %TEMP%\ac8zt2\kdftlboesap.dll
- %TEMP%\ac8zt2\dwnrpofk.dll