Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Control\Session Manager] 'BootExecute' = '' (пустое значение; по умолчанию в Windows этот параметр равен 'autocheck autochk *')
- '%TEMP%\7ZipSfx.000\SetupGreen32.exe'
- '%TEMP%\7ZipSfx.000\LoadDrv_Win32.exe'
- '%TEMP%\7ZipSfx.000\LoadDrv_Win32.exe' -u
- '%TEMP%\7ZipSfx.000\PartAssist.exe'
- '%TEMP%\7ZipSfx.000\SetupGreen32.exe' -u
- %TEMP%\7ZipSfx.000\PE.dll
- %TEMP%\7ZipSfx.000\ScanPartition.dll
- %TEMP%\7ZipSfx.000\wimgapi.dll
- %TEMP%\7ZipSfx.000\mfc80u.dll
- %TEMP%\7ZipSfx.000\msvcp80.dll
- %TEMP%\7ZipSfx.000\msvcr80.dll
- C:\AMTAG.BIN
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\upgrade[1].ini
- %TEMP%\7ZipSfx.000\upgrade2.ini
- %TEMP%\7ZipSfx.000\native\wlh\x86\fre\ampa.sys
- %TEMP%\7ZipSfx.000\native\wlh\amd64\fre\ampa.sys
- %TEMP%\7ZipSfx.000\log\ampa0.log
- %TEMP%\7ZipSfx.000\cfg.ini
- %TEMP%\7ZipSfx.000\wnd.ini
- %TEMP%\7ZipSfx.000\EPW.exe
- %TEMP%\7ZipSfx.000\Microsoft.VC80.CRT.manifest
- %TEMP%\7ZipSfx.000\Microsoft.VC80.MFC.manifest
- %TEMP%\7ZipSfx.000\cn.txt
- %TEMP%\7ZipSfx.000\SetupGreen32.exe
- %TEMP%\7ZipSfx.000\SetupGreen64.exe
- %TEMP%\7ZipSfx.000\Winchk.exe
- %TEMP%\7ZipSfx.000\LoadDrv_Win32.exe
- %TEMP%\7ZipSfx.000\LoadDrv_x64.exe
- %TEMP%\7ZipSfx.000\PartAssist.exe
- C:\AMTAG.BIN
- из %TEMP%\7ZipSfx.000\upgrade2.ini в %TEMP%\7ZipSfx.000\upgrade.ini
- 'www.di####artition.com':80
- 'localhost':1036
- www.di####artition.com/cn/upgrade.ini
- DNS ASK www.di####artition.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'