Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '[EXPL0RER]' = '%PROGRAM_FILES%\feiyue.exe'
- '%TEMP%\HELPCTR.EXE' -FromStartHelp
- 'C:\ltev.exe'
- 'C:\wy.exe'
- '<SYSTEM32>\cmd.exe' /c C:\delus.bat
- C:\delus.bat
- %TEMP%\HELPCTR.EXE
- <SYSTEM32>\31A20000.tmp
- %TEMP%\MSIMG32.dll
- %TEMP%\stinst.log
- C:\wy.exe
- %PROGRAM_FILES%\feiyue.exe
- C:\ltev.exe
- <SYSTEM32>\aw98fd4f41110
- <SYSTEM32>\aw98fd4f41110
- %TEMP%\MSIMG32.dll
- %TEMP%\HELPCTR.EXE
- <SYSTEM32>\aw98fd4f41110
- C:\wy.exe
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'