Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'TencentUpdate' = '%APPDATA%\InstallShield\Tmp\TencentUpdate.vbe'
- '<SYSTEM32>\cmd.exe' /c ""%APPDATA%\InstallShield\Tmp\TencentUpdate1.bat" "
- '<SYSTEM32>\reg.exe' add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce /v TencentUpdate /t REG_SZ /d "%APPDATA%\InstallShield\Tmp\TencentUpdate.vbe" /f
- '%APPDATA%\InstallShield\Tmp\TencentUpdate.exe'
- '<SYSTEM32>\svchost.exe'
- <SYSTEM32>\svchost.exe
- %APPDATA%\InstallShield\Tmp\TencentUpdate.int
- %APPDATA%\InstallShield\Tmp1\2016-05-25\2016-05-25-03-57-36.jpg
- %APPDATA%\InstallShield\Tmp\TencentUpdate1.int
- %APPDATA%\InstallShield\Tmp\TencentUpdate.exe
- %APPDATA%\InstallShield\Tmp\TencentUpdate.dll
- %APPDATA%\InstallShield\Tmp\TencentUpdate.int в %APPDATA%\InstallShield\Tmp\TencentUpdate.vbe
- %APPDATA%\InstallShield\Tmp\TencentUpdate.int в %APPDATA%\InstallShield\Tmp\TencentUpdate.bat
- %APPDATA%\InstallShield\Tmp\TencentUpdate1.int в %APPDATA%\InstallShield\Tmp\TencentUpdate1.bat
- %APPDATA%\InstallShield\Tmp\TencentUpdate.int
- '20#.#0.80.80':8880
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_WINHELP' WindowName: ''