Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'register' = '"C:\Temp\Update\register.exe"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Physix32' = '"C:\Temp\Update\register.exe"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Physix64' = '"AVPnetwork.exe"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'AVPnetwork' = '"C:\Temp\Update\AVPnetwork.exe"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'repair' = '"C:\Temp\Update\"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'upd.exe' = '"nvupdate.exe"'
- 'C:\Temp\Update\register.exe'
- 'C:\Temp\Update\AVPnetwork.exe'
- Библиотека-обработчик для всех процессов: C:\Temp\Update\Prog_hook_dll.dll
- %PROGRAM_FILES%\Company\NewProduct\Uninstall.ini
- %PROGRAM_FILES%\Company\NewProduct\Uninstall.exe
- C:\Temp\Update\name.txt
- C:\Temp\Update\MyName.txt
- C:\Temp\Update\look2.jpg
- C:\Temp\Update\command.txt
- C:\Temp\Update\AVPnetwork.exe
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- C:\Temp\Update\Prog_hook_dll.dll
- C:\Temp\Update\log.txt
- C:\Temp\Update\register.exe
- C:\Temp\Update\qtintf70.dll
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- 'qq#.ucoz.ru':80
- '2i#.ru':80
- 'qq#.ucoz.ru':21
- qq#.ucoz.ru/command.txt
- 2i#.ru/
- DNS ASK 2i#.ru
- DNS ASK qq#.ucoz.ru
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'