Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Window back Manager] 'Start' = '00000002'
- %APPDATA%\atshut.exe /u
- %APPDATA%\Favorites\bcgrsvc.exe
- <SYSTEM32>\cmd.exe /c \DelUS.bat
- %HOMEPATH%\Favorites\Gё¶ДП.url
- %HOMEPATH%\Favorites\їБјЗ.url
- %HOMEPATH%\Favorites\d&shop.url
- %HOMEPATH%\Favorites\11№ш°Ў.url
- C:\DelUS.bat
- %APPDATA%\Favorites\Favml.exe
- %APPDATA%\Favorites\bcgrsvc.exe
- %TEMP%\nsn2.tmp\SelfDelete.dll
- %APPDATA%\atshut.exe
- %TEMP%\nsn2.tmp\SelfDelete.dll
- ClassName: 'Shell_TrayWnd' WindowName: ''