Техническая информация
- [<HKLM>\SOFTWARE\Classes\ppds\Shell\Open\Command] '' = '"Rundll32.exe" "%PROGRAM_FILES%\pumsoft\\InstallDll.dll" OutputSet'
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\chartmp
- %TEMP%\is-OQFSS.tmp\is-DS564.tmp /SL4 $40036 "<Полный путь к вирусу>" 717356 52224
- %WINDIR%\msdos32\Config.ini
- %WINDIR%\msdos32\Install.tmp
- %PROGRAM_FILES%\pumsoft\unins000.dat
- %WINDIR%\msdos32\infofile.tmp
- %WINDIR%\ucdos.lnk
- %WINDIR%\msdos32\ucdos.ppds
- %WINDIR%\msdos32\rd.txt
- %TEMP%\is-O8LCT.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-O8LCT.tmp\_isetup\_RegDLL.tmp
- %TEMP%\is-OQFSS.tmp\is-DS564.tmp
- %TEMP%\is-O8LCT.tmp\InstallDll.dll
- %PROGRAM_FILES%\pumsoft\is-SNETF.tmp
- %PROGRAM_FILES%\pumsoft\is-VOTHR.tmp
- %PROGRAM_FILES%\pumsoft\is-COS16.tmp
- %TEMP%\is-O8LCT.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-OQFSS.tmp\is-DS564.tmp
- %TEMP%\is-O8LCT.tmp\InstallDll.dll
- %TEMP%\is-O8LCT.tmp\_isetup\_RegDLL.tmp
- %PROGRAM_FILES%\pumsoft\is-SNETF.tmp в %PROGRAM_FILES%\pumsoft\Install.tmp
- %PROGRAM_FILES%\pumsoft\is-VOTHR.tmp в %PROGRAM_FILES%\pumsoft\InstallDll.dll
- %PROGRAM_FILES%\pumsoft\is-COS16.tmp в %PROGRAM_FILES%\pumsoft\unins000.exe
- '12#.#24.9.120':8022
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''