Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'dplafde' = 'rundll32 "%APPDATA%\ccfgkmgr\encatrep.dll",DllRegisterServer'
- '<SYSTEM32>\rundll32.exe' Eula.dll, DllRegisterServer
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\RarSFX0\cmd.bat" "
- '%TEMP%\RarSFX0\UnRAR.exe' e -pdj83jdkAj Eula.rar
- %WINDIR%\Explorer.EXE
- opera.exe
- %TEMP%\RarSFX0\Eula.dll
- %APPDATA%\ccfgkmgr\encatrep.dll
- %TEMP%\RarSFX0\UnRAR.exe
- %TEMP%\RarSFX0\Eula.rar
- %TEMP%\RarSFX0\cmd.bat
- %TEMP%\RarSFX0\Eula.rar
- %TEMP%\RarSFX0\UnRAR.exe
- %TEMP%\RarSFX0\Eula.dll
- ClassName: 'ProgMan' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''