Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Eserver' = '%WINDIR%\audiodg\Eserver.exe'
- %WINDIR%\audiodg\Eserver.exe
- %TEMP%\is-5T33S.tmp\<Имя вируса>.tmp /SL5="$40036,677648,65536,<Полный путь к вирусу>"
- %WINDIR%\audiodg\is-6CCIJ.tmp
- %WINDIR%\audiodg\is-86P4S.tmp
- %WINDIR%\audiodg\is-50JT6.tmp
- %WINDIR%\audiodg\is-KGNBJ.tmp
- %WINDIR%\audiodg\is-LM58H.tmp
- %WINDIR%\audiodg\is-KNBPR.tmp
- %WINDIR%\audiodg\is-CLM9M.tmp
- %WINDIR%\audiodg\is-PR9S0.tmp
- %WINDIR%\audiodg\is-2RFQU.tmp
- %WINDIR%\audiodg\is-JTGBT.tmp
- %TEMP%\is-5B8JS.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-5B8JS.tmp\trayiconctrl.dll
- %TEMP%\is-5T33S.tmp\<Имя вируса>.tmp
- %TEMP%\is-5B8JS.tmp\_isetup\_RegDLL.tmp
- %TEMP%\is-5B8JS.tmp\ISTask.dll
- %WINDIR%\audiodg\is-6OPO7.tmp
- %WINDIR%\audiodg\is-03TJ9.tmp
- %WINDIR%\audiodg\is-76BFS.tmp
- %WINDIR%\audiodg\is-O2FM2.tmp
- %WINDIR%\audiodg\uninst.exe
- %WINDIR%\audiodg\sData2.dll
- %WINDIR%\audiodg\SData.dll
- %WINDIR%\audiodg\VNCHooks.dll
- %WINDIR%\audiodg\videos.dll
- %WINDIR%\audiodg\UpdateOffice.exe
- %WINDIR%\audiodg\readme.txt
- %WINDIR%\audiodg\Eserver.exe
- %WINDIR%\audiodg\CDLL.dll
- %WINDIR%\audiodg\cad.exe
- %WINDIR%\audiodg\ofs.nfd
- %WINDIR%\audiodg\OfficeServer.db
- %WINDIR%\audiodg\Language_gb32.ini
- %TEMP%\is-5B8JS.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-5T33S.tmp\<Имя вируса>.tmp
- %TEMP%\is-5B8JS.tmp\_isetup\_RegDLL.tmp
- %TEMP%\is-5B8JS.tmp\ISTask.dll
- %TEMP%\is-5B8JS.tmp\trayiconctrl.dll
- ClassName: 'Shell_TrayWnd' WindowName: ''