Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = 'explorer.exe,<SYSTEM32>\icbcwatch.exe'
- '%TEMP%\~nsu.tmp\Au_.exe' _?=%TEMP%\
- '<SYSTEM32>\icbcwatch.exe'
- '%TEMP%\uninst.exe'
- '%WINDIR%\explorer.exe'
- %WINDIR%\Explorer.EXE
- %HOMEPATH%\Templates\Internet Explorer.lnk
- %HOMEPATH%\Desktop4mv555.ini
- %TEMP%\nsu7.tmp
- %HOMEPATH%\Desktop\Internet Explorer.nak
- %ALLUSERSPROFILE%\Start Menu\Programs\Internet Explorer.nak
- %HOMEPATH%\Start Menu\Programs\Internet Explorer.nak
- %TEMP%\~nsu.tmp\Au_.exe
- %TEMP%\nsp3.tmp\System.dll
- <SYSTEM32>\icbcwatch.exe
- %TEMP%\nsp2.tmp
- %TEMP%\nsm5.tmp
- %TEMP%\uninst.exe
- %TEMP%\wuqiu.ini
- %TEMP%\wuqiu.ini
- %HOMEPATH%\Templates\Internet Explorer.lnk
- %TEMP%\nsp3.tmp\System.dll
- %TEMP%\uninst.exe
- ClassName: 'OleMainThreadWndClass' WindowName: '(null)'
- ClassName: 'SystemTray_Main' WindowName: '(null)'
- ClassName: 'CSCHiddenWindow' WindowName: '(null)'
- ClassName: 'SysListView32' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'Proxy Desktop' WindowName: '(null)'
- ClassName: 'BaseBar' WindowName: 'ChanApp'