Техническая информация
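- Автозапуск через реестр: [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'rundll.exe' = '"<LS_APPDATA>\rundll.exe" /background' (имя файла похоже на системное rundll32.exe, но файл находится в каталоге <LS_APPDATA>, а не в <SYSTEM32>)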
- '<LS_APPDATA>\rundll.exe'
- '<LS_APPDATA>\ventrilo-3.0.8-Windows-i386_2.exe'
- '<SYSTEM32>\msiexec.exe' -Embedding B7E95127B91C344952BB2905DF15DCDC C
- '<SYSTEM32>\msiexec.exe' /V
- '<SYSTEM32>\msiexec.exe' /I "%CommonProgramFiles%\Wise Installation Wizard\WIS789289CAF73A4A16A33154D498CE069F_3_0_8.MSI" WISE_SETUP_EXE_PATH="<LS_APPDATA>\ventrilo-3.0.8-Windows-i386_2.exe"
- %TEMP%\MSI1.tmp
- %TEMP%\MSI2.tmp
- %TEMP%\MSI3.tmp
- %TEMP%\320c8.msi
- <LS_APPDATA>\ventrilo-3.0.8-Windows-i386_2.exe
- <LS_APPDATA>\rundll.exe
- %CommonProgramFiles%\Wise Installation Wizard\WIS789289CAF73A4A16A33154D498CE069F_3_0_8.MSI
- %TEMP%\MSI3.tmp
- %TEMP%\MSI2.tmp
- %TEMP%\MSI1.tmp
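- '17#.#38.160.18':80 (сетевой адрес и порт; символы # в адресе, по-видимому, заменяют часть цифр в исходном отчёте, поэтому строку нельзя использовать как точный индикатор)
- 17#.#38.160.18/getme.php?u=######## (URL на том же адресе; значение параметра u также скрыто символами #)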
- ClassName: 'MS_WINHELP' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'