Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '!!TXPlatform.exe' = '%PROGRAM_FILES%\Microsoft Office\OFF1CE11\TXPlatform.exe'
- %TEMP%\RarSFX0\Daor.icc KDC.exe
- %TEMP%\RarSFX0\winIogon.exe
- %WINDIR%\regedit.exe /s TXPlatform.reg
- <SYSTEM32>\cmd.exe /c ""%PROGRAM_FILES%\Microsoft Office\OFF1CE11\TXPlatform.bat" "
- %TEMP%\E_N4\iext2.fne
- %TEMP%\E_N4\iext.fnr
- %TEMP%\E_N4\iext3.fne
- %PROGRAM_FILES%\Microsoft Office\OFF1CE11\TXPlatform.reg
- %PROGRAM_FILES%\Microsoft Office\OFF1CE11\TXPlatform.bat
- %PROGRAM_FILES%\Microsoft Office\OFF1CE11\TXPlatform.exe
- %PROGRAM_FILES%\Microsoft Office\OFF1CE11\TXPIatform.exe
- %TEMP%\RarSFX0\Text.exe
- %TEMP%\RarSFX0\KDC.exe
- %TEMP%\RarSFX0\Daor.icc
- %TEMP%\RarSFX0\winIogon.exe
- %TEMP%\E_N4\krnln.fnr
- %TEMP%\RarSFX0\Cel.exe
- %TEMP%\RarSFX0\BoFang.exe
- %PROGRAM_FILES%\Microsoft Office\OFF1CE11\TXPlatform.reg
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''