Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = 'explorer.exe,<SYSTEM32>\clearie.exe'
- <SYSTEM32>\clearie.exe
- %TEMP%\~nsu.tmp\Au_.exe _?=%TEMP%\
- C:\ki1.exe
- %TEMP%\uninst.exe
- %TEMP%\nsj6.tmp
- %TEMP%\uninst.exe
- %TEMP%\~nsu.tmp\Au_.exe
- C:\errlog.txt
- %TEMP%\nsq8.tmp
- %TEMP%\nsi3.tmp
- C:\ki1.exe
- <SYSTEM32>\clearie.exe
- %TEMP%\wuqiu.ini
- %TEMP%\nsd4.tmp\System.dll
- C:\ki1.exe
- %TEMP%\wuqiu.ini
- %TEMP%\nsd4.tmp\System.dll
- %TEMP%\uninst.exe
- ClassName: 'Shell_TrayWnd' WindowName: ''