Техническая информация
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'Ad Muncher' = '%ProgramFiles%\AdMuncher Y.S\AdMunch.exe'
- %TEMP%\~206c.bat
- %LOCALAPPDATA%\ad.reg
- %LOCALAPPDATA%\admuncher.exe
- %ProgramFiles%\admuncher y.s\install.ini
- %ProgramFiles%\admuncher y.s\admunch.exe
- %ProgramFiles%\admuncher y.s\admunch64.exe
- %ProgramFiles%\admuncher y.s\admunch.dll
- %ProgramFiles%\admuncher y.s\am31318.dll
- %ProgramFiles%\admuncher y.s\am32-32130.dll
- %ProgramFiles%\admuncher y.s\am64-32130.dll
- %ProgramFiles%\admuncher y.s\amdat.dll
- %ProgramFiles%\admuncher y.s\am31318.fre
- %HOMEPATH%\desktop\admuncher.lnk
- %PROGRAMDATA%\ad muncher\config.dat
- %PROGRAMDATA%\ad muncher\registration.dat
- %PROGRAMDATA%\ad muncher\license.dat
- %TEMP%\~206c.bat
- %TEMP%\~206c.bat
- %LOCALAPPDATA%\ad.reg
- %LOCALAPPDATA%\admuncher.exe
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'AdMuncherMain' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- '%LOCALAPPDATA%\admuncher.exe'
- '%ProgramFiles%\admuncher y.s\admunch.exe'
- '%WINDIR%\syswow64\cmd.exe' /c %TEMP%\~206C.BAT "<Полный путь к файлу>"' (со скрытым окном)
- '%WINDIR%\syswow64\cmd.exe' /c %TEMP%\~206C.BAT "<Полный путь к файлу>"
- '%WINDIR%\syswow64\regedit.exe' /s AD.reg