Техническая информация
- Автозапуск (параметр в разделе реестра Run): [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'MicrosoftFZ' = '%AllUsersProfile%\MicrosoftFZ.exe'
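- (Подзаголовки групп утеряны при извлечении страницы: пути ниже повторяются, так как, по-видимому, относятся к разным файловым операциям; какая группа чему соответствует, по этой странице установить нельзя.)
- %TEMP%\7ZipSfx.000\FreshZone.reg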
- %TEMP%\7ZipSfx.000\run.reg
- %TEMP%\7ZipSfx.000\AUP.exe
- %ALLUSERSPROFILE%\FreshZone.ico
- %ALLUSERSPROFILE%\MicrosoftFZ.exe
- %ALLUSERSPROFILE%\FreshZone.ico
- %ALLUSERSPROFILE%\MicrosoftFZ.exe
- %TEMP%\7ZipSfx.000\AUP.exe
- %TEMP%\7ZipSfx.000\FreshZone.reg
- %TEMP%\7ZipSfx.000\run.reg
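- Окно (RegEdit_RegEdit — класс главного окна редактора реестра; по-видимому, образец ищет это окно): ClassName: 'RegEdit_RegEdit' WindowName: ''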
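- Командные строки запускаемых процессов (ключ /S у regedit.exe — импорт .reg-файла без диалога подтверждения):
- '%TEMP%\7ZipSfx.000\AUP.exe'
- '%WINDIR%\regedit.exe' /S FreshZone.reg
- '%WINDIR%\regedit.exe' /S run.reg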