Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Iprip] 'Start' = '00000002' (значение 2 — тип запуска «Авто»: служба стартует автоматически при загрузке системы)
- %TEMP%\GLJ2.tmp <SYSTEM32>\fsutk.dll
- %TEMP%\set.exe
- <SYSTEM32>\logonui.exe /status /shutdown
- C:\Recycled\~GLH0006.TMP
- <SYSTEM32>\~GLH0005.TMP
- %TEMP%\~GLH0004.TMP
- C:\Recycled\~GLH0009.TMP
- %WINDIR%\Help\~GLH0008.TMP
- %WINDIR%\inf\~GLH0007.TMP
- <SYSTEM32>\~GLH0003.TMP
- %TEMP%\GLG4.tmp
- %TEMP%\GLJ2.tmp
- %TEMP%\GLC1.tmp
- C:\Recycled\~GLH0002.TMP
- %WINDIR%\inf\~GLH0001.TMP
- %WINDIR%\~GLH0000.TMP
- %TEMP%\GLJ2.tmp
- %TEMP%\GLC1.tmp
- %TEMP%\set.exe
- %TEMP%\GLG4.tmp
- C:\Recycled\~GLH0006.TMP в C:\Recycled\lip.dat
- <SYSTEM32>\~GLH0005.TMP в <SYSTEM32>\liprip.dll
- %WINDIR%\inf\~GLH0007.TMP в %WINDIR%\inf\iplbk.inf
- C:\Recycled\~GLH0009.TMP в C:\Recycled\ctv.dat
- %WINDIR%\Help\~GLH0008.TMP в %WINDIR%\Help\FKHFU.CHI
- %WINDIR%\inf\~GLH0001.TMP в %WINDIR%\inf\optkec.inf
- %WINDIR%\~GLH0000.TMP в %WINDIR%\kentgo.log
- C:\Recycled\~GLH0002.TMP в C:\Recycled\qkf.dat
- %TEMP%\~GLH0004.TMP в %TEMP%\set.exe
- <SYSTEM32>\~GLH0003.TMP в <SYSTEM32>\fsutk.dll
- ClassName: 'StatusWindowClass' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''