Техническая информация
- [<HKLM>\Software\Classes\reg\shell\open\command] '' = '"%TEMP%\2k10\RegWorkshop\RegWorkshopX64.exe" /g "%1"'
- %TEMP%\2k10\regworkshop\regworkshop.chm
- %TEMP%\2k10\regworkshop\rwreg.txt
- %TEMP%\2k10\regworkshop\regworkshop.ini
- %TEMP%\2k10\regworkshop\regworkshop.exe
- %TEMP%\2k10\regworkshop\regworkshopx64.exe
- %TEMP%\2k10\regworkshop\crashrpt.dll
- %TEMP%\2k10\regworkshop\rwresrus.dll
- '%TEMP%\2k10\regworkshop\regworkshopx64.exe'
- '%WINDIR%\syswow64\cmd.exe' /c if exist "<Текущая директория>\..\..\User.Config\Eng" del /q rwresrus.dll' (со скрытым окном)
- '%WINDIR%\syswow64\cmd.exe' /c if exist "<Текущая директория>\..\..\User.Config\Eng" del /q rwresrus.dll