Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'x86 microsoft update' = '<SYSTEM32>\x86.exe'
- '%PROGRAM_FILES%\eus\bs\Windows Loader.exe'
- %PROGRAM_FILES%\eus\bs\Windows Loader.exe
- <SYSTEM32>\x86.exe
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\temp_0.tmp
- ClassName: 'STATIC' WindowName: 'q3TDgcZ4p2up0Z77amQP 00000AF8'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'