Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] '{C4560D12-CE25-4A2E-A5D4-B5070FCBE282}' = 'fhtyfile.dll'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] '{C4560D12-CE25-4A2E-A5D4-B5070FCBE282}' = 'csiddll'
- '%TEMP%\m3ss.exe'
- '%TEMP%\small.exe'
- '%TEMP%\7t.exe'
- '<SYSTEM32>\regsvr32.exe' /s %WINDIR%\System\flyplug.dll
- '<SYSTEM32>\cmd.exe' /c afc9fe2f418b00a0.bat
- '<SYSTEM32>\rundll32.exe' try4311.dll , InstallMyDll
- '<SYSTEM32>\regsvr32.exe' "%TEMP%\Messenger\ThunderSafe.dll" /s
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\fhtyfile.dll
- <SYSTEM32>\try4311.dll
- <SYSTEM32>\dllcache\try4311.dll
- %TEMP%\Messenger\sysmain.dat
- %TEMP%\Messenger\sysvc.dat
- %TEMP%\afc9fe2f418b00a0.bat
- %TEMP%\3596799a1543bc9f.aqq
- <SYSTEM32>\fhtyfile.dll
- %WINDIR%\system\flyplug.dll
- %TEMP%\7t.exe
- %TEMP%\m3ss.exe
- %TEMP%\small.exe
- %TEMP%\wu.exe
- %TEMP%\Messenger\ccfapi321.dll
- %TEMP%\Messenger\nvsys.ini
- %TEMP%\Messenger\ThunderSafe.dll
- %TEMP%\Messenger\ccfapi32.dll
- %TEMP%\small.exe
- %TEMP%\3596799a1543bc9f.aqq
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''