Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'wextract_cleanup0' = 'rundll32.exe <SYSTEM32>\advpack.dll,DelNodeRunDLL32 "%TEMP%\IXP000.TMP\"'
- %TEMP%\BIMware\Setup\x64.msi
- %TEMP%\BIMware\Setup\x86.msi
- %TEMP%\27c89.msi
- %TEMP%\BIMware\Setup\startup.cmd
- %TEMP%\IXP000.TMP\startup.cmd
- %TEMP%\IXP000.TMP\x64.msi
- %TEMP%\IXP000.TMP\x86.msi
- '<SYSTEM32>\msiexec.exe' /i "%TEMP%\BIMware\Setup\x86.msi"
- '<SYSTEM32>\msiexec.exe' /V
- '<SYSTEM32>\cmd.exe' /c %TEMP%\IXP000.TMP\startup.cmd
- '<SYSTEM32>\xcopy.exe' "." "%TEMP%\BIMware\Setup" /S /E /Y /Q