Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'rtyuoo' = 'c:\fvr32.com'
- %HOMEPATH%\Start Menu\Programs\Startup\update.exe
- '%WINDIR%\update.exe'
- '%WINDIR%\os4.exe'
- 'C:\fvr32.com'
- '%WINDIR%\gameboost.exe'
- '%TEMP%\is-HUJ9C.tmp\gameboost.tmp' /SL5="$200F2,1424604,254464,%WINDIR%\gameboost.exe"
- '%WINDIR%\UnRAR.exe' e -o- -plol update.rar
- ClassName: 'tIBIAcLIENT' WindowName: ''
- %WINDIR%\update.exe
- %TEMP%\is-9AHT0.tmp\_isetup\_isdecmp.dll
- %WINDIR%\os4.exe
- C:\fvr32.com
- %WINDIR%\update.rar
- %WINDIR%\gameboost.exe
- %WINDIR%\UnRAR.exe
- %TEMP%\is-9AHT0.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-HUJ9C.tmp\gameboost.tmp
- C:\fvr32.com
- %TEMP%\$mad$res$00000cc4$956304$
- %WINDIR%\update.rar
- %WINDIR%\UnRAR.exe
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''