Техническая информация
- [<HKLM>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'GrpConv' = 'grpconv -o'
- [<HKLM>\Software\Classes\MSProgramGroup\Shell\Open\Command] '' = '<SYSTEM32>\grpconv.exe %1'
- [<HKLM>\System\CurrentControlSet\Services\tccp] 'ImagePath' = 'system32\DRIVERS\tccp.sys'
- %TEMP%\tccp.log
- <SYSTEM32>\autorun_dvd_32.exe
- %TEMP%\tccp.sys
- %TEMP%\tccp.inf
- %TEMP%\tccp.cat
- %WINDIR%\inf\oem0.inf
- %WINDIR%\inf\oem0.pnf
- <DRIVERS>\set3.tmp
- <DRIVERS>\set3.tmp в <DRIVERS>\tccp.sys
- '<SYSTEM32>\runonce.exe' -r
- '<SYSTEM32>\grpconv.exe' -o