Техническая информация
Параметры реестра (расположения автозапуска Windows):
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'run' = ''
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%ALLUSERSPROFILE%\clipsrv.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'IEudInit' = ''
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'run' = '%ALLUSERSPROFILE%\ieudinit.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'MessageService' = '%ALLUSERSPROFILE%\mqtgsvc.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'MessageService' = ''
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'lsm service' = '<LS_APPDATA>\lsm.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'lsm service' = ''
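Пути к файлам (часть имён — winlogon.exe, lsm.exe, logman.exe — совпадает с именами штатных программ Windows, но файлы находятся в каталогах профиля, а не в системном каталоге):
- %ALLUSERSPROFILE%\ieudinit.exe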
- %ALLUSERSPROFILE%\RCX6.tmp
- %ALLUSERSPROFILE%\clipsrv.exe
- %ALLUSERSPROFILE%\RCX5.tmp
- <DRIVERS>\ieudinit.exe
- <DRIVERS>\RCX8.tmp
- %APPDATA%\Microsoft\logman.exe
- %APPDATA%\Microsoft\RCX7.tmp
- <LS_APPDATA>\RCX4.tmp
- %ALLUSERSPROFILE%\RCX1.tmp
- %ALLUSERSPROFILE%\mqtgsvc.exe
- %TEMP%\Twain002.Mtx
- %ALLUSERSPROFILE%\winlogon.exe
- %APPDATA%\RCX3.tmp
- <LS_APPDATA>\lsm.exe
- %ALLUSERSPROFILE%\RCX2.tmp
- %APPDATA%\ieudinit.exe
- %ALLUSERSPROFILE%\clipsrv.exe
- %ALLUSERSPROFILE%\ieudinit.exe
- %APPDATA%\Microsoft\logman.exe
- <LS_APPDATA>\lsm.exe
- %ALLUSERSPROFILE%\winlogon.exe
- %ALLUSERSPROFILE%\mqtgsvc.exe
- %APPDATA%\ieudinit.exe
Окна (класс и заголовок):
- ClassName: 'Indicator' WindowName: ''