Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\RkHit] 'ImagePath' = '<DRIVERS>\RKHit.sys'
- '%TEMP%\RarSFX0\PU.exe'
- '%TEMP%\RarSFX0\RunHiddenConsole.exe' /w run.bat
- '<SYSTEM32>\reg.exe' add "HKLM\Software\Perfect Uninstaller" /v CheckUpdate /t REG_DWORD /d 0 /f
- '<SYSTEM32>\reg.exe' add "HKLM\Software\Perfect Uninstaller" /v RegistryKey /d "0EEE7-8F0AE-0KD33-YREEC" /f
- '<SYSTEM32>\cmd.exe' /c run.bat
- %TEMP%\RarSFX0\RKHit.sys
- %TEMP%\RarSFX0\puUpdate.exe
- %TEMP%\RarSFX0\PU.exe
- %TEMP%\RarSFX0\RkHitApi.dll
- <DRIVERS>\RKHit.sys
- <SYSTEM32>\AK083E209605E394C.lie
- %TEMP%\RarSFX0\spkdll.dll
- %TEMP%\RarSFX0\RunHiddenConsole.exe
- %TEMP%\RarSFX0\run.bat
- %TEMP%\RarSFX0\Update.ini
- %TEMP%\RarSFX0\filelist.lst
- %TEMP%\RarSFX0\PerfectUninstaller.url
- %TEMP%\RarSFX0\opfile.dll
- %TEMP%\RarSFX0\md5.dll
- %TEMP%\RarSFX0\PerfectUninstaller.url
- %TEMP%\RarSFX0\PU.exe
- %TEMP%\RarSFX0\opfile.dll
- %TEMP%\RarSFX0\filelist.lst
- %TEMP%\RarSFX0\md5.dll
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''