Техническая информация
- '%TEMP%\nsh2.tmp\ns4.tmp' <SYSTEM32>\regini.exe <SYSTEM32>\regini.ini
- '%TEMP%\nsh2.tmp\ns3.tmp' <SYSTEM32>\regini.exe <SYSTEM32>\oldyuan.ini
- '<SYSTEM32>\regini.exe' <SYSTEM32>\regini.ini
- '<SYSTEM32>\regini.exe' <SYSTEM32>\oldyuan.ini
- %HOMEPATH%\Start Menu\ЙПНшµјєЅ.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Жф¶Ї Internet Explorer дЇААЖч.lnk
- %TEMP%\nsh2.tmp\nsExec.dll
- %TEMP%\nsh2.tmp\ns4.tmp
- %TEMP%\nsh2.tmp\ns3.tmp
- %CommonProgramFiles%\baidu\Baidu.html
- %HOMEPATH%\Favorites\µҐ»ъУОП·ПВФШ.url
- %WINDIR%\НшЦ·µјєЅ.url
- <SYSTEM32>\oldyuan.ini
- <SYSTEM32>\regini.ini
- %WINDIR%\НшЦ·µјєЅ.url
- <SYSTEM32>\oldyuan.ini
- <SYSTEM32>\regini.ini
- %TEMP%\nsh2.tmp\ns3.tmp
- %TEMP%\nsh2.tmp\ns4.tmp
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'