Техническая информация
Ключи реестра (значение в ключе Run обеспечивает автозапуск указанного файла при входе в систему):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'install' = '%WINDIR%\WINDOWS\install.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'install' = '%WINDIR%\WINDOWS\install.exe'
- [<HKLM>\SOFTWARE\Classes\dllfile\shell\open\command] '' = 'rundll32.exe'
- '%TEMP%\tmp12.exe'
- '%TEMP%\tmp10.exe'
- '%WINDIR%\WINDOWS\install.exe'
- '%TEMP%\tmp14.exe'
- '%TEMP%\tmp20.exe'
- '%TEMP%\tmp18.exe'
- '%TEMP%\tmp16.exe'
- '%TEMP%\tmp8.exe'
- '%TEMP%\tmp3.exe'
- '%TEMP%\tmp2.exe'
- '%TEMP%\tmp1.exe'
- '%TEMP%\tmp4.exe'
- '%TEMP%\tmp7.exe'
- '%TEMP%\tmp6.exe'
- '%TEMP%\tmp5.exe'
- %TEMP%\tmp14.exe
- %TEMP%\bt60431.bat
- %TEMP%\bt15335.bat
- %TEMP%\tmp12.exe
- %TEMP%\bt22588.bat
- %TEMP%\tmp16.exe
- %TEMP%\bt73378.bat
- %TEMP%\bt32740.bat
- %TEMP%\tmp20.exe
- %TEMP%\tmp18.exe
- %TEMP%\bt50761.bat
- %WINDIR%\WINDOWS\install.sys
- %TEMP%\tmp4.exe
- %TEMP%\tmp5.exe
- %TEMP%\tmp3.exe
- %TEMP%\tmp1.exe
- %TEMP%\tmp2.exe
- %TEMP%\tmp6.exe
- %TEMP%\bt13806.bat
- %TEMP%\tmp10.exe
- %WINDIR%\WINDOWS\install.exe
- %TEMP%\tmp7.exe
- %TEMP%\tmp8.exe
- %TEMP%\bt50761.bat
- %TEMP%\bt60431.bat
- %TEMP%\bt32740.bat
- %TEMP%\bt73378.bat
- %TEMP%\bt15335.bat
- %TEMP%\bt13806.bat
- %WINDIR%\WINDOWS\install.exe
- %TEMP%\bt22588.bat
- %WINDIR%\WINDOWS\install.sys
Сетевой адрес и порт (часть адреса в источнике заменена символами «##»):
- '72.##2.205.251':12345
Классы окон:
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'