Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'IDMan' = '%ProgramFiles% (x86)\Internet Download Manager\idman.exe /onboot'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'RocketDock' = '"%ProgramFiles% (x86)\Rocket Dock\RocketDock.exe"'
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\MRT64.bat""
- '%WINDIR%\regedit.exe' /S "%TEMP%\1.tmp\MRT64.bat"
- '%TEMP%\RarSFX0\IDM.exe'
- '%TEMP%\RarSFX0\ROffice64.exe' /silent
- '%WINDIR%\regedit.exe' /s "%TEMP%\\regpatch.reg"
- %TEMP%\1.tmp\MRT64.bat
- %TEMP%\RarSFX0\ROffice64.exe
- %TEMP%\RarSFX0\IDM.exe
- %TEMP%\RarSFX0\IDM.exe
- %TEMP%\RarSFX0\ROffice64.exe
- %TEMP%\1.tmp\MRT64.bat
- %TEMP%\regpatch.reg
- %TEMP%\dup2patcher.dll
- %TEMP%\regpatch.reg
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''