Техническая информация
- %WINDIR%\Tasks\f1g.job
- [<HKLM>\SYSTEM\ControlSet001\Services\Schedule] 'Start' = '00000002'
- %TEMP%\rwaon2\1.exe
- %TEMP%\rwaon2\_uninstall
- %TEMP%\rwaon2\2.tmp
- %TEMP%\rwaon2\1.exe.tmp
- %TEMP%\rwaon2\_uninstall
- %TEMP%\rwaon2\2.tmp
- %TEMP%\rwaon2\1.exe.tmp
- %TEMP%\rwaon2\1.exe в %WINDIR%\Downloaded Program Files\f1g.exe