Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{10031569-A707-22d2-9CBD-0000F87A469H}] 'StubPath' = '%CommonProgramFiles%\Microsoft Shared\INK\10031569.435'
- [<HKLM>\SOFTWARE\Classes\435file\shell\open\command] '' = '%WINDIR%\inf\ґтУЎ»ъ.{2227a280-3aea-1069-a2de-08002b30309d}\explore.txt:explore.exe %1'
- '<SYSTEM32>\cacls.exe' "%WINDIR%\inf\┤Є╙б╗·.{2227a280-3aea-1069-a2de-08002b30309d}" /d everyone /e
- '%WINDIR%\regedit.exe' /S "<Имя диска съемного носителя>:\1.reg"
- '<SYSTEM32>\cmd.exe' /c "%CommonProgramFiles%\1.bat"
- '<SYSTEM32>\cmd.exe' /c "%CommonProgramFiles%\Microsoft Shared\MSInfo\ntfs.bat"
- %CommonProgramFiles%\Microsoft Shared\MSInfo\aay.txt
- %CommonProgramFiles%\Microsoft Shared\INK\10031569.435
- %CommonProgramFiles%\Microsoft Shared\MSInfo\hou.txt
- %CommonProgramFiles%\Microsoft Shared\MSInfo\win.txt
- %CommonProgramFiles%\Microsoft Shared\MSInfo\qq.txt
- %CommonProgramFiles%\Microsoft Shared\MSInfo\xinzhu.txt
- %CommonProgramFiles%\360.jpg
- <Текущая директория>\Unrar.dll
- %CommonProgramFiles%\a3.txt
- %CommonProgramFiles%\Microsoft Shared\MSInfo\ntfs.bat
- %CommonProgramFiles%\1.bat
- %WINDIR%\inf\+ЄLб¬·.{2227a280-3aea-1069-a2de-08002b30309d}\KuGou.exe
- %CommonProgramFiles%\360.jpg
- %CommonProgramFiles%\1.bat
- ClassName: 'RegEdit_RegEdit' WindowName: '(null)'