Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'UpdateT' = '%APPDATA%\mservice32_t.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'Update' = ''
- %TEMP%\changer.exe
- %TEMP%\updater.exe
- %APPDATA%\mservice32_t.exe
- %TEMP%\server_et.exe
- %TEMP%\patch2.exe
- <SYSTEM32>\regsvr32.exe /s "%APPDATA%\IE\bho.dll"
- <SYSTEM32>\regsvr32.exe /u /s "%APPDATA%\IE\bho.dll"
- ClassName: 'TibiaClient' WindowName: ''
- %APPDATA%\firefox@mozilla.com\content\overlay.js
- %APPDATA%\firefox@mozilla.com\install.rdf
- %APPDATA%\firefox@mozilla.com\chrome.manifest
- %APPDATA%\firefox@mozilla.com\content\overlay.xul
- %APPDATA%\IE\settings.dat
- %APPDATA%\IE\bho.dll
- %APPDATA%\firefox@mozilla.com\content\settings.js
- %TEMP%\server_et.exe
- %TEMP%\patch2.exe
- %TEMP%\changer.exe
- %APPDATA%\mservice32_t.exe
- %TEMP%\updater.exe
- %TEMP%\Language\English.lang
- %TEMP%\Language.dat
- 'ks####.kimsufi.com':80
- ks####.kimsufi.com/check_version.php?et##
- DNS ASK ks####.kimsufi.com
- '<IP-адрес в локальной сети>':1034
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''