Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'IMEPADSV' = '<SYSTEM32>\ime\IMEPADSV.EXE'
- <SYSTEM32>\IME\imepadsv.exe /install
- %TEMP%\GCA1.tmp\setupjp.exe
- <SYSTEM32>\7-zip32.dll
- %TEMP%\GCA1.tmp\~dx00100.tmp
- <SYSTEM32>\vb6jp.dll
- <SYSTEM32>\regedit.exe
- <SYSTEM32>\IME\imepadsv.exe
- %TEMP%\GCA1.tmp\~dx00101.tmp
- %TEMP%\GCA1.tmp\setupjp.exe
- %TEMP%\GCA1.tmp\~dx00102.tmp
- %TEMP%\GCA1.tmp\~dx00104.tmp
- %TEMP%\GCA1.tmp\~dx00103.tmp
- <SYSTEM32>\IME\imepadsv.exe
- %TEMP%\GCA1.tmp\~dx00102.tmp
- %TEMP%\GCA1.tmp\~dx00103.tmp
- %TEMP%\GCA1.tmp\~dx00104.tmp
- %TEMP%\GCA1.tmp\setupjp.exe
- %TEMP%\GCA1.tmp\~dx00100.tmp
- %TEMP%\GCA1.tmp\~dx00101.tmp