Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\VD_<Служебное имя>] 'Start' = '00000001'
- '%TEMP%\7ZipSfx.000\_Setup32.exe'
- '%WINDIR%\regedit.exe' /S Fix.reg
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\7ZipSfx.000\install.cmd" "
- %WINDIR%\RAR.PIF
- %WINDIR%\UC.PIF
- %WINDIR%\PKZIP.PIF
- %WINDIR%\NOCLOSE.PIF
- %WINDIR%\PKUNZIP.PIF
- <DRIVERS>\SET4.tmp
- <SYSTEM32>\dllcache\usbser.sys.new
- %WINDIR%\LastGood\TMP2.tmp
- %WINDIR%\Fix.reg
- <DRIVERS>\SET1.tmp
- %WINDIR%\LHA.PIF
- <DRIVERS>\vd_<Служебное имя>.sys
- <DRIVERS>\p2k.inf
- %TEMP%\7ZipSfx.000\_Setup32.exe
- %TEMP%\7ZipSfx.000\install.cmd
- %TEMP%\7ZipSfx.000\hidcon.exe
- <SYSTEM32>\DevCon.exe
- %WINDIR%\ARJ.PIF
- <DRIVERS>\usbser.sys
- <DRIVERS>\USBMOT2000.INF
- <DRIVERS>\p2k.sys
- <DRIVERS>\SET1.tmp
- из <DRIVERS>\SET4.tmp в <DRIVERS>\usbser.sys
- из <SYSTEM32>\dllcache\usbser.sys.new в <SYSTEM32>\dllcache\usbser.sys
- из %WINDIR%\LastGood\TMP2.tmp в %WINDIR%\LastGood\system32\drivers\usbser.sys
- из <DRIVERS>\usbser.sys в <DRIVERS>\OLD3.tmp
- ClassName: 'RegEdit_RegEdit' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'