Техническая информация
- C:\Games\tmp\rscheck.exe
- %TEMP%\bild.exe
- %TEMP%\worldmap.exe
- <SYSTEM32>\ftp.exe -s:%WINDIR%\FTp.scr
- <SYSTEM32>\cmd.exe /c ""C:\Games\tmp\nncle.bat" "
- <SYSTEM32>\ping.exe -n 10 127.0.0.1
- <SYSTEM32>\wscript.exe "%TEMP%\rscheck.vbs"
- <SYSTEM32>\cmd.exe /c ""C:\Games\tmp\syschek.bat" "
- %WINDIR%\regedit.exe /ea C:\Games\tmp\reg.reg "HKEY_CURRENT_USER\Software\QuantGames\Siege Online\Authorization"
- ClassName: '' WindowName: 'Registry Monitor - Sysinternals: www.sysinternals.com'
- ClassName: '' WindowName: 'File Monitor - Sysinternals: www.sysinternals.com'
- ClassName: '' WindowName: 'Process Monitor - Sysinternals: www.sysinternals.com'
- C:\Games\tmp\nncle.bat
- %TEMP%\rscheck.vbs
- %WINDIR%\FTp.scr
- C:\Games\tmp\syschek.bat
- %TEMP%\worldmap.exe
- %TEMP%\bild.exe
- C:\Games\tmp\rscheck.exe
- C:\Games\tmp\syschek.bat
- C:\Games\tmp\rscheck.exe
- %TEMP%\rscheck.vbs
- 'ft#.#arod.ru':21
- 'localhost':1036
- DNS ASK ft#.#arod.ru
- ClassName: '' WindowName: 'The Wireshark Network Analyzer'
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''