Техническая информация
- [<HKLM>\SOFTWARE\Classes\icofile\shell\Open\Command] '' = ''
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\МЪС¶ QQ.lnk
- %WINDIR%\sleep.exe 500
- <SYSTEM32>\cmd.exe /c """%TEMP%\temp_tmp.bat"" "
- %PROGRAM_FILES%\Tencent\QQ\Bin\2501681.bat
- %PROGRAM_FILES%\Tencent\QQ\Bin\3579100.ico
- %ALLUSERSPROFILE%\Desktop\Internat Explorar.lnk
- %TEMP%\nsc3.tmp\nsExec.dll
- %TEMP%\nsc3.tmp\ns4.tmp
- %PROGRAM_FILES%\Tencent\МЪС¶QQ.lnk
- %ALLUSERSPROFILE%\Desktop\МФ±¦№єОп.url
- %TEMP%\temp_tmp.bat
- %TEMP%\nsc3.tmp\ns6.tmp
- %TEMP%\nsc3.tmp\ns5.tmp
- %PROGRAM_FILES%\Internet Explorer\Connection Wizard\tbgw.dat
- %PROGRAM_FILES%\Internet Explorer\Connection Wizard\sotpod.dat
- %ALLUSERSPROFILE%\Application Data\WD\kswbc.dll
- %ALLUSERSPROFILE%\Application Data\WD\kswebshield.dll
- %ALLUSERSPROFILE%\Application Data\WD\KSWebShield.exe
- %TEMP%\nsc2.tmp
- %TEMP%\nsc3.tmp\FindProcDLL.dll
- %ALLUSERSPROFILE%\Application Data\WD\kwssp.dll
- %TEMP%\nsc3.tmp\AccessControl.dll
- %PROGRAM_FILES%\Internet Explorer\Connection Wizard\seoic.icw
- %WINDIR%\tbgw.ico
- %ALLUSERSPROFILE%\Application Data\WD\kwsui.dll
- %ALLUSERSPROFILE%\Application Data\kingsoft\kws\spitesp.dat
- %TEMP%\nsc3.tmp\AccessControl.dll
- %TEMP%\nsc3.tmp\FindProcDLL.dll
- %TEMP%\nsc3.tmp\nsExec.dll
- %TEMP%\nsc3.tmp\ns4.tmp
- %TEMP%\nsc3.tmp\ns5.tmp
- %TEMP%\nsc3.tmp\ns6.tmp