Техническая информация
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'Virtual Printer Driver' = '"%APPDATA%\WinRAR\Temporarys\WinPrint.exe"'
- %APPDATA%\winrar\temporarys\winprint.exe
- %APPDATA%\winrar\temporarys\libeay32.dll
- %APPDATA%\winrar\temporarys\ssleay32.dll
- %APPDATA%\winrar\temporarys\cons.exe
- %APPDATA%\winrar\temporarys\winspool.drv
- %APPDATA%\winrar\temporarys\uniprint.exe
- 'ws#s.ga':443
- 'id.####teutilities.com':5655
- '23.##5.252.66':5655
- DNS ASK id.####teutilities.com
- DNS ASK ws#s.ga
- ClassName: 'EDIT' WindowName: ''
- '%APPDATA%\winrar\temporarys\winprint.exe'
- '%APPDATA%\winrar\temporarys\cons.exe'
- '%APPDATA%\winrar\temporarys\uniprint.exe'
- '%WINDIR%\syswow64\cmd.exe' /c REG ADD "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" /V "Virtual Printer Driver" /t REG_SZ /F /D "\"%APPDATA%\WinRAR\Temporarys\WinPrint.exe\""' (со скрытым окном)
- '%WINDIR%\syswow64\cmd.exe' /c REG ADD "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" /V "Virtual Printer Driver" /t REG_SZ /F /D "\"%APPDATA%\WinRAR\Temporarys\WinPrint.exe\""
- '%WINDIR%\syswow64\reg.exe' ADD "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" /V "Virtual Printer Driver" /t REG_SZ /F /D "\"%APPDATA%\WinRAR\Temporarys\WinPrint.exe\""