Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'atruiwang.exe' = '"C:\TDDownload\atruiwang\atruiwang.exe"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'QQGames' = 'C:\TDDownload\atruiwang\installed.exe'
- C:\TDDownload\atruiwang\atruiwang.exe
- C:\TDDownload\atruiwang\installed.exe
- %PROGRAM_FILES%\atruiwang\autorw.exe
- C:\TDDownload\atruiwang\rwplay.exe
- %PROGRAM_FILES%\rw_b102_xz1.exe.log
- C:\TDDownload\atruiwang\atruiwang.exe
- %PROGRAM_FILES%\atruiwang\autorw.exe
- C:\TDDownload\atruiwang\installed.exe
- C:\TDDownload\atruiwang\installed.exe
- '12#.#26.82.15':8150
- 'tj.##erey.com':8088
- DNS ASK tj.##erey.com
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''