Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Whpwal] 'Start' = '00000002'
- %TEMP%\23200dd58f8b2b225999eb1107d87e173540ad965e913ed2c3e2d9e235fe13d7.exe
- %TEMP%\iexplore.exe
- %WINDIR%\regedit.exe /s "%TEMP%\209578_lang.reg"
- <SYSTEM32>\svchost.exe -k netsvcs
- %WINDIR%\regedit.exe /e "%TEMP%\203171_lang.reg" "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost"
- %WINDIR%\regedit.exe /s "%TEMP%\203171_lang.reg"
- <SYSTEM32>\dllcache\Whpwalex.dll
- %TEMP%\214421_res.tmp
- %WINDIR%\Whpwalex.dll_lang.ini
- %WINDIR%\Whpwalex.dll
- %TEMP%\23200dd58f8b2b225999eb1107d87e173540ad965e913ed2c3e2d9e235fe13d7.exe
- %TEMP%\iexplore.exe
- %TEMP%\209578_lang.reg
- %TEMP%\203171_lang.reg
- %TEMP%\214421_res.tmp
- %TEMP%\23200dd58f8b2b225999eb1107d87e173540ad965e913ed2c3e2d9e235fe13d7.exe
- %TEMP%\203171_lang.reg
- %TEMP%\209578_lang.reg
- '12#.#16.22.81':2011
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''