Техническая информация
- [<HKLM>\SOFTWARE\Classes\odfile\shell\open\command] '' = 'explorer /n,"%PROGRAM_FILES%\T%H"'
- [<HKLM>\SOFTWARE\Classes\opfile\shell\open\command] '' = 'explorer /n,"%PROGRAM_FILES%\%H"'
- %TEMP%\nsh4.tmp\ns6.tmp c:\4701.bat
- %HOMEPATH%\Templates\kksetups.exe
- %HOMEPATH%\Templates\acd5646.exe
- <SYSTEM32>\wbem\wmic.exe userAccount where "Name='%USERNAME%'" get SID /value
- <SYSTEM32>\cmd.exe /c c:\4701.bat
- [<HKCU>\Software\FlashFXP]
- %PROGRAM_FILES%\kuaijiejie\icons\ОТµДµзДФ.png
- %PROGRAM_FILES%\kuaijiejie\icons\ОТµДОДµµ.png
- %PROGRAM_FILES%\kuaijiejie\icons\їШЦЖГж°е.png
- %PROGRAM_FILES%\kuaijiejie\icons\јЗКВ±ѕ.png
- %TEMP%\nsh4.tmp\ns6.tmp
- %TEMP%\tmp7.tmp
- %TEMP%\tmp8.tmp
- %PROGRAM_FILES%\kuaijiejie\icons\soft\FXP.png
- %PROGRAM_FILES%\kuaijiejie\icons\soft\ACDSee.png
- %PROGRAM_FILES%\kuaijiejie\icons\soft\CS.png
- %PROGRAM_FILES%\kuaijiejie\icons\јЖЛгЖч.png
- %HOMEPATH%\Templates\a.bat
- %HOMEPATH%\Templates\kksetups.exe
- %HOMEPATH%\Templates\win125646.txt
- %TEMP%\nsr2.tmp\System.dll
- %HOMEPATH%\Templates\install.exe
- %PROGRAM_FILES%\kuaijiejie\icons\IE1.png
- %PROGRAM_FILES%\kuaijiejie\icons\IE2.png
- %TEMP%\nsh4.tmp\nsExec.dll
- %TEMP%\nsh4.tmp\System.dll
- C:\4701.bat
- %TEMP%\tmp7.tmp
- %TEMP%\nsr2.tmp\System.dll