Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'TTLservice' = '<SYSTEM32>\TTlservice.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\grandlocksev] 'Start' = '00000002'
- '%TEMP%\RarSFX0\granddogsev.exe'
- '<SYSTEM32>\TTLclient.exe'
- '<SYSTEM32>\TTLService.exe'
- '%TEMP%\RarSFX0\install.exe'
- '<SYSTEM32>\granddogsev.exe' /install
- <SYSTEM32>\TTLclient.exe
- <SYSTEM32>\TTLService.exe
- <SYSTEM32>\bpl.dat
- <SYSTEM32>\granddogsev.exe
- <SYSTEM32>\Borland\Bde.ini
- %TEMP%\RarSFX0\Bpl.dat
- %TEMP%\RarSFX0\granddogsev.exe
- %TEMP%\RarSFX0\paramete.ini
- %TEMP%\RarSFX0\install.exe
- %TEMP%\RarSFX0\USBHUB.sys
- %TEMP%\RarSFX0\TTLService.exe
- %TEMP%\RarSFX0\paramete.ini
- %TEMP%\RarSFX0\TTLService.exe
- %TEMP%\RarSFX0\USBHUB.sys
- %TEMP%\RarSFX0\Bpl.dat
- %TEMP%\RarSFX0\granddogsev.exe
- %TEMP%\RarSFX0\install.exe
- ClassName: '' WindowName: 'Ggj'
- ClassName: 'TGBQMainForm' WindowName: ''
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: 'GCL'