Техническая информация
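- [<HKLM>\SYSTEM\ControlSet001\Services\PowerManager] 'Start' = '00000002' (значение 2 — автоматический запуск: запись службы PowerManager стартует при загрузке системы, что обеспечивает закрепление в системе)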
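- %CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE (по этому пути обычно находится штатный компонент отчётов об ошибках приложений Microsoft; сам по себе, как правило, индикатором заражения не является)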
- '%WINDIR%\svchost.exe' "%TEMP%\cetrainers\CET1.tmp\extracted\<Имя вируса>.exe" "%TEMP%\cetrainers\CET1.tmp\extracted\CET_TRAINER.CETRAINER" "-ORIGIN:<Текущая директория>\"
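- '%WINDIR%\svchost.exe' (штатный svchost.exe Windows расположен в %WINDIR%\System32; одноимённый файл непосредственно в %WINDIR% — маскировка под системный процесс, поэтому при обнаружении следует проверять полный путь образа, а не только имя)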
- '%TEMP%\cetrainers\CET1.tmp\<Имя вируса>.exe' -ORIGIN:"<Текущая директория>\"
- '%TEMP%\cetrainers\CET1.tmp\extracted\<Имя вируса>.exe' "%TEMP%\cetrainers\CET1.tmp\extracted\CET_TRAINER.CETRAINER" "-ORIGIN:<Текущая директория>\"
- %TEMP%\cetrainers\CET1.tmp\extracted\lua5.1-32.dll
- %TEMP%\cetrainers\CET1.tmp\extracted\<Имя вируса>.exe
- %WINDIR%\svchost.exe
- %TEMP%\cetrainers\CET1.tmp\extracted\win32\dbghelp.dll
- %TEMP%\cetrainers\CET1.tmp\<Имя вируса>.exe
- %TEMP%\cetrainers\CET1.tmp\CET_Archive.dat
- %TEMP%\cetrainers\CET1.tmp\extracted\defines.lua
- %TEMP%\cetrainers\CET1.tmp\extracted\CET_TRAINER.CETRAINER
- %TEMP%\cetrainers\CET1.tmp\extracted\lua5.1-32.dll
- %TEMP%\cetrainers\CET1.tmp\extracted\win32\dbghelp.dll
- %TEMP%\cetrainers\CET1.tmp\extracted\defines.lua
- %TEMP%\cetrainers\CET1.tmp\extracted\<Имя вируса>.exe
- %TEMP%\cetrainers\CET1.tmp\extracted\CET_TRAINER.CETRAINER
- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd — класс окна панели задач Windows)