Техническая информация
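- [<HKLM>\SOFTWARE\Classes\exefile\shell\open\command] '' = '%WINDIR%\svchost.com "%1" %*' (это значение по умолчанию команды открытия .exe-файлов: с ним каждый запускаемый исполняемый файл открывается через %WINDIR%\svchost.com; штатное значение в Windows — '"%1" %*', и при лечении его нужно восстановить до удаления %WINDIR%\svchost.com, иначе .exe-файлы перестанут запускаться)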
- C:\Far2\Far.exe
- '%TEMP%\3582-490\<Имя вируса>.exe' %TEMP%\cetrainers\CET1.tmp\extracted\CET_TRAINER.CETRAINER -ORIGIN:<Текущая директория>\
- '%TEMP%\cetrainers\CET1.tmp\extracted\<Имя вируса>.exe' "%TEMP%\cetrainers\CET1.tmp\extracted\CET_TRAINER.CETRAINER" "-ORIGIN:<Текущая директория>\"
- '%TEMP%\cetrainers\CET1.tmp\<Имя вируса>.exe' -ORIGIN:"<Текущая директория>\"
- %TEMP%\cetrainers\CET1.tmp\extracted\win32\dbghelp.dll
- %TEMP%\cetrainers\CET1.tmp\extracted\lua5.1-32.dll
- %TEMP%\3582-490\<Имя вируса>.exe
- %TEMP%\tmp5023.tmp
- %WINDIR%\svchost.com
- %TEMP%\cetrainers\CET1.tmp\<Имя вируса>.exe
- %TEMP%\cetrainers\CET1.tmp\CET_Archive.dat
- %TEMP%\cetrainers\CET1.tmp\extracted\CET_TRAINER.CETRAINER
- %TEMP%\cetrainers\CET1.tmp\extracted\<Имя вируса>.exe
- %TEMP%\cetrainers\CET1.tmp\extracted\defines.lua
- %TEMP%\cetrainers\CET1.tmp\extracted\lua5.1-32.dll
- %TEMP%\cetrainers\CET1.tmp\extracted\win32\dbghelp.dll
- %TEMP%\cetrainers\CET1.tmp\extracted\defines.lua
- %TEMP%\cetrainers\CET1.tmp\extracted\CET_TRAINER.CETRAINER
- %TEMP%\cetrainers\CET1.tmp\extracted\<Имя вируса>.exe
- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd — класс окна панели задач Windows)