Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Update' = '%CommonProgramFiles%\UPDAT\Update.exe'
- [<HKLM>\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1D901067-2529-4A9B-9B6B-7A1DB3A44CB5}] 'ClsidExtension' = '{D1BB7CF4-4463-4e91-88D7-ECC3CE0A13B7}'
- [<HKLM>\SYSTEM\ControlSet001\Services\Hardware] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\BKMARKS] 'Start' = '00000002'
- '<SYSTEM32>\rundll32.exe' "<SYSTEM32>\wbem\IRJIT.dll",Export @install
- '<SYSTEM32>\rundll32.exe' "<SYSTEM32>\spted.dll",ExportFunc 1001
- %CommonProgramFiles%\UPDAT\update.exe
- <SYSTEM32>\wbem\IRJIT.dll
- %PROGRAM_FILES%\CoolWebsite\uninst.exe
- %CommonProgramFiles%\UPDAT\update.dat
- <SYSTEM32>\spted.dll
- <SYSTEM32>\nt.sys
- <SYSTEM32>\wbem\ocmor.dat
- %PROGRAM_FILES%\CoolWebsite\QuickLink.dll