Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'wextract_cleanup0' = 'rundll32.exe <SYSTEM32>\advpack.dll,DelNodeRunDLL32 "%TEMP%\IXP000.TMP\"'
- '%TEMP%\is-LMP68.tmp\is-PGFHK.tmp' /SL4 $40092 %TEMP%\7zS1.tmp\2008_11_24_01_webvulnscan6.exe 59415110 69120
- '%TEMP%\7zS1.tmp\2008_11_24_01_webvulnscan6.exe'
- '%TEMP%\IXP000.TMP\2008_1~1.EXE'
- %TEMP%\is-KDAU2.tmp\_shfoldr.dll
- %TEMP%\is-KDAU2.tmp\Install.dll
- <SYSTEM32>\ptlx55.dat.{5728B11F-B697-47AA-9C1B-8ECB545B5193}
- %TEMP%\IXP000.TMP\updater.exe
- %TEMP%\7zS1.tmp\2008_11_24_01_webvulnscan6.exe
- %TEMP%\is-LMP68.tmp\is-PGFHK.tmp
- ClassName: 'Shell_TrayWnd' WindowName: ''