Technical information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] '1' = 'osd32.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] '2' = 'iexplore.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] '1' = 'osd32.exe'
- User Account Control (UAC)
- '<SYSTEM32>\ha5setup.exe'
- '<SYSTEM32>\hdd7.exe'
- '<SYSTEM32>\shutdown.exe' -r -t 0 -f
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\ha5setup.bat" "
- <SYSTEM32>\hdd7.exe
- <SYSTEM32>\osd32.exe
- %TEMP%\1.tmp\ha5setup.bat
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- <SYSTEM32>\ha5setup.exe
- <SYSTEM32>\osd32.exe
- <SYSTEM32>\hdd7.exe
- <SYSTEM32>\ha5setup.exe
- %TEMP%\1.tmp\ha5setup.bat
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'