Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\run] '' = '%WINDIR%\igfxext.exe'
- <SYSTEM32>\at.exe /delete /y
- <SYSTEM32>\at.exe 25:10 <SYSTEM32>\check.bat
- <SYSTEM32>\at.exe 25:11 %WINDIR%\igfxext.exe
- <SYSTEM32>\cmd.exe /c ""%WINDIR%\update.bat" "
- <SYSTEM32>\cmd.exe /c ""<SYSTEM32>\winupdate.bat" "
- <SYSTEM32>\tskill.exe ravmon
- <SYSTEM32>\attrib.exe +h <SYSTEM32>\ver.ini
- <SYSTEM32>\check.bat
- <SYSTEM32>\ver.ini
- %WINDIR%\systmp.txt
- %WINDIR%\update.bat
- <SYSTEM32>\winupdate.bat
- %WINDIR%\igfxext.exe
- C:\VMPFull_Tencent.COM
- <SYSTEM32>\ver.ini
- %TEMP%\~DFB982.tmp