Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'TWUNK_16.EXE' = '%WINDIR%\VOLUME\TWUNK_16.EXE'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '' = '%WINDIR%\VOLUME\TWUNK_16.EXE'
- %WINDIR%\Task.exe
- [<HKCU>\Software\Microsoft\MSNMessenger]
- <SYSTEM32>\Audio-CDROM.wav_________________________________________________________.exe
- %WINDIR%\Task.exe
- <SYSTEM32>\SoundTrack01.CD_________________________________________________________.exe
- <SYSTEM32>\ShowMe-Real.DVD_________________________________________________________.exe
- <SYSTEM32>\File-04-Music.DVD_________________________________________________________.exe
- <SYSTEM32>\Connection.exe
- <SYSTEM32>\winhelpM.exe
- %PROGRAM_FILES%\Internet Explorer\Media Player.exe
- %WINDIR%\VOLUME\twunk_16.exe
- %WINDIR%\VOLUME\twunk_16.exe
- <SYSTEM32>\winhelpM.exe
- <SYSTEM32>\Connection.exe
- %TEMP%\~DFD99D.tmp
- ClassName: 'ReBarWindow32' WindowName: ''
- ClassName: 'WMP9DeskBand' WindowName: 'WMP9DeskBand'
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''