Техническая информация
- [<HKLM>\SOFTWARE\Classes\inifile\shell\open\command] '' = '"%ProgramFiles%\chqi\dmcore.exe" "%1"'
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\desktop.ini
- %WINDIR%\Temp\t.sdf
- %WINDIR%\Temp\xysop.sdf
- %WINDIR%\Temp\imwp.exe
- %WINDIR%\Temp\iwatch.sdf
- %WINDIR%\Temp\stdwatch.sdf
- %ProgramFiles%\chqi\iwatch.sdf
- %ProgramFiles%\chqi\stdwatch.sdf
- %ProgramFiles%\chqi\t.sdf
- %ProgramFiles%\chqi\xysop.sdf
- %ProgramFiles%\chqi\dmcore.exe
- %WINDIR%\Temp\iwatch.sdf
- %WINDIR%\Temp\stdwatch.sdf
- %WINDIR%\Temp\t.sdf
- %WINDIR%\Temp\xysop.sdf
- %ProgramFiles%\chqi\t.sdf
- %WINDIR%\Temp\imwp.exe
- ClassName: 'EDIT' WindowName: ''
- '%WINDIR%\Temp\imwp.exe' /k
- '%WINDIR%\Temp\imwp.exe' /ErrorStdOut /AutoIt3ExecuteScript %WINDIR%\Temp\t.sdf
- '%ProgramFiles%\chqi\dmcore.exe' /ErrorStdOut /AutoIt3ExecuteScript stdwatch.sdf
- '<SYSTEM32>\cmd.exe' /c ping 127.0.0.1 -n 5&del /q "%WINDIR%\Temp\imwp.exe"
- '<SYSTEM32>\ping.exe' 127.0.0.1 -n 5