Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Microsoft® Windows® Operating System' = '%HOMEPATH%\Templates\wab32.exe'
- '%TEMP%\cres.exe'
- '%TEMP%\f.exe'
- '%TEMP%\DirectDB.exe'
- '%HOMEPATH%\Templates\wab32.exe'
- '%TEMP%\svchosts.exe'
- '%TEMP%\RedbotPro.exe'
- '%TEMP%\i.exe' -pwr
- '%TEMP%\is-N2SHO.tmp\RedbotPro.tmp' /SL5="$40092,762302,54272,%TEMP%\RedbotPro.exe"
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe'
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
- ClassName: 'TibiaClient' WindowName: ''
- %TEMP%\cres.exe
- %TEMP%\f.exe
- %TEMP%\DirectDB.exe
- %APPDATA%\1334\1334.txt
- %HOMEPATH%\Templates\wab32.exe
- %TEMP%\is-7KRE5.tmp\_isetup\_shfoldr.dll
- %TEMP%\svchosts.exe
- %TEMP%\RedbotPro.exe
- %TEMP%\is-N2SHO.tmp\RedbotPro.tmp
- %TEMP%\is-7KRE5.tmp\_isetup\_RegDLL.tmp
- %TEMP%\i.exe
- %HOMEPATH%\Templates\wab32.exe
- %TEMP%\DirectDB.exe
- ClassName: 'nvftray' WindowName: 'nvftray'
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''