Техническая информация
- <SYSTEM32>\MSIMTF.dll файлом <SYSTEM32>\MSIMTF.dll
- <SYSTEM32>\rundll32.exe %WINDIR%\xx.tmp1 Run
- <SYSTEM32>\cmd.exe /c "%TEMP%\del.bat"
- %TEMP%\E_N4\xplib.fne
- %TEMP%\E_N4\shellEx.fne
- %TEMP%\del.bat
- <SYSTEM32>\dllcache\MSIMTF.dll
- <SYSTEM32>\MSIMTF_.dll
- %TEMP%\E_N4\krnln.fnr
- %TEMP%\waigua.exe
- %TEMP%\aa.exe
- %WINDIR%\xx.tmp
- <SYSTEM32>\adc.kml
- %WINDIR%\xx.tmp1
- %TEMP%\aa.exe
- <SYSTEM32>\MSIMTF.dll в <SYSTEM32>\TempFile_a1s
- ClassName: 'Shell_TrayWnd' WindowName: ''