Техническая информация
- [<HKLM>\SOFTWARE\Classes\FlashVideo.FlashVideo\shell\open\command] '' = '""%TEMP%\1368816608.bin"" %1'
- [<HKLM>\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash\shell\open\command] '' = '""%TEMP%\1368816608.bin"" %1'
- <SYSTEM32>\veriffier.exe "<SYSTEM32>\c_8500.nls"
- <SYSTEM32>\at.exe 19:21 /every:Th "<SYSTEM32>\veriffier.exe"
- <SYSTEM32>\regsvr32.exe /s "<SYSTEM32>\dmusiic.dll"
- <SYSTEM32>\dmusiic.dll
- %TEMP%\1368816608.bin
- <SYSTEM32>\3070\inf3070.dat
- <SYSTEM32>\c_8500.nls
- %TEMP%\3043622693.bin
- %TEMP%\1942822483.tmp
- <SYSTEM32>\veriffier.exe
- %TEMP%\3043622693.bin
- %TEMP%\1942822483.tmp
- ClassName: 'Shell_TrayWnd' WindowName: ''