Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'GrpConv' = 'grpconv.exe -o'
- <SYSTEM32>\SET5.tmp
- %WINDIR%\Temp\OLD4.tmp
- %WINDIR%\LastGood\TMP3.tmp
- <SYSTEM32>\SET8.tmp
- %WINDIR%\Temp\OLD7.tmp
- %WINDIR%\LastGood\TMP6.tmp
- %TEMP%\IXP000.TMP\Riched30.inf
- %TEMP%\IXP000.TMP\riched32.dll
- %TEMP%\IXP000.TMP\riched20.dll
- %TEMP%\IXP000.TMP\W95INF16.DLL
- %TEMP%\IXP000.TMP\W95INF32.DLL
- %TEMP%\IXP000.TMP\ADVPACK.DLL
- %TEMP%\IXP000.TMP\ADVPACK.DLL
- %TEMP%\IXP000.TMP\W95INF32.DLL
- %TEMP%\IXP000.TMP\Riched30.inf
- %TEMP%\IXP000.TMP\riched20.dll
- %TEMP%\IXP000.TMP\riched32.dll
- <SYSTEM32>\SET8.tmp
- <SYSTEM32>\SET5.tmp
- %WINDIR%\Temp\OLD7.tmp
- %TEMP%\IXP000.TMP\W95INF16.DLL
- %WINDIR%\Temp\OLD4.tmp
- %WINDIR%\LastGood\TMP6.tmp в %WINDIR%\LastGood\system32\Riched20.dll
- %WINDIR%\LastGood\TMP3.tmp в %WINDIR%\LastGood\system32\Riched32.dll
- ClassName: 'Shell_TrayWnd' WindowName: ''