Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{A81UL0BQ-49D9-NB2L-ZAPN-VOJETE9FUNLV}] 'StubPath' = '%TEMP%\LLDhs.exe'
- [<HKCU>\Software\Microsoft\Active Setup\Installed Components\{A81UL0BQ-49D9-NB2L-ZAPN-VOJETE9FUNLV}] 'StubPath' = '%TEMP%\LLDhs.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'lFxUFDvhIy265pvLWFN' = '%TEMP%\LLDhs.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'userinit' = '<SYSTEM32>\userinit.exe,<SYSTEM32>\twext.exe,'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'wxZFPO0EQYDYCmywG' = '%TEMP%\LLDhs.exe'
- <SYSTEM32>\cmd.exe /c ""%TEMP%\DveqtmFpt.bat" "
- %TEMP%\LLDhs.exe
- <SYSTEM32>\twext.exe
- %TEMP%\DveqtmFpt.bat
- %TEMP%\LLDhs.exe
- <SYSTEM32>\twext.exe
- ClassName: 'Indicator' WindowName: ''