Техническая информация
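- [<HKLM>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'GrpConv' = 'grpconv -o' (такое значение обычно записывает штатный механизм установки INF-файлов Windows, поэтому само по себе оно — слабый индикатор; оценивать его следует вместе с регистрацией службы tccp и остальными артефактами из этого списка)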
- [<HKLM>\System\CurrentControlSet\Services\tccp] 'ImagePath' = 'system32\DRIVERS\tccp.sys'
- %TEMP%\tccp.log
- %WINDIR%\syswow64\autorun_dvd_32.exe
- %TEMP%\tccp.sys
- %TEMP%\tccp.inf
- %TEMP%\tccp.cat
- %TEMP%\tccpx64.exe
- <DRIVERS>\setc47f.tmp
- %WINDIR%\temp\uddcc01.tmp
- %WINDIR%\temp\udddf3c.tmp
- %WINDIR%\temp\udde71d.tmp
- %WINDIR%\temp\uddeeee.tmp
- %WINDIR%\temp\uddf6ce.tmp
- %WINDIR%\temp\uddfeaf.tmp
- %WINDIR%\temp\uddcc01.tmp
- %WINDIR%\temp\udddf3c.tmp
- %WINDIR%\temp\udde71d.tmp
- %WINDIR%\temp\uddeeee.tmp
- %WINDIR%\temp\uddf6ce.tmp
- %WINDIR%\temp\uddfeaf.tmp
- <DRIVERS>\setc47f.tmp перемещён в <DRIVERS>\tccp.sys
- '%TEMP%\tccpx64.exe'
- '<SYSTEM32>\runonce.exe' -r
- '<SYSTEM32>\grpconv.exe' -o