Техническая информация
- [<HKLM>\SOFTWARE\Classes\fzx\Shell\Open\Command] '' = '"Rundll32.exe" "winms32.pcu" readfile'
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\elnk.lnk
- '<SYSTEM32>\regsvr32.exe' /s "%WINDIR%\winmsagent\fancygame.ocx"
- '<SYSTEM32>\rundll32.exe' "%WINDIR%\winmsagent\ukingsoft.dcu" kinsoft
- '%TEMP%\is-82584.tmp\is-C8MLO.tmp' /SL4 $30092 "<Полный путь к файлу>" 1786309 52224
- %WINDIR%\winmsagent\fancygame.ocx
- %WINDIR%\winmsagent\infofile.tmp
- %WINDIR%\winmsagent\Config.ini
- %WINDIR%\winmsagent\erun.fzx
- %WINDIR%\winmsagent\winrun.ico
- %WINDIR%\winms32.pcu
- %WINDIR%\winmsagent\rd.txt
- %WINDIR%\winmsagent\ukingsoft.dcu
- %WINDIR%\winmsagent\Install.tmp
- %TEMP%\is-AO1P7.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-AO1P7.tmp\InstallDll.dll
- %TEMP%\is-82584.tmp\is-C8MLO.tmp
- %TEMP%\is-AO1P7.tmp\_isetup\_RegDLL.tmp
- %ProgramFiles%\Sum520\is-IAS98.tmp
- %ProgramFiles%\Sum520\unins000.dat
- %ProgramFiles%\Sum520\is-LPRIF.tmp
- %ProgramFiles%\Sum520\is-TDRB2.tmp
- %TEMP%\is-AO1P7.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-82584.tmp\is-C8MLO.tmp
- %TEMP%\is-AO1P7.tmp\InstallDll.dll
- %TEMP%\is-AO1P7.tmp\_isetup\_RegDLL.tmp
- %ProgramFiles%\Sum520\is-IAS98.tmp в %ProgramFiles%\Sum520\Install.tmp
- %ProgramFiles%\Sum520\is-TDRB2.tmp в %ProgramFiles%\Sum520\InstallDll.dll
- %ProgramFiles%\Sum520\is-LPRIF.tmp в %ProgramFiles%\Sum520\unins000.exe
- '12#.#24.9.113':8022
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''