Техническая информация
- '<SYSTEM32>\reg.exe' delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Download Manager" /f
- '<SYSTEM32>\reg.exe' delete "HKEY_LOCAL_MACHINE\SOFTWARE\Internet Download Manager" /f
- '<SYSTEM32>\reg.exe' delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" /v IDMan /f
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\taskkill.exe' /f /t /im IDMan.exe
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\RarSFX0\x.bat" "
- '<SYSTEM32>\reg.exe' delete "HKEY_CURRENT_USER\Software\DownloadManager" /f
- '<SYSTEM32>\taskkill.exe' /f /t /im IEMonitor.exe
- %TEMP%\RarSFX0\DelKey.reg
- %TEMP%\RarSFX0\Hosts File Shortcut.lnk
- %TEMP%\RarSFX0\idm_thisan.lng
- %TEMP%\RarSFX0\zone-it.com.url
- %TEMP%\RarSFX0\RegKey_x64.reg
- %TEMP%\RarSFX0\RegKey.reg
- %TEMP%\RarSFX0\SK.exe
- %TEMP%\RarSFX0\idm517.exe
- %TEMP%\RarSFX0\x.bat
- %TEMP%\RarSFX0\tips_thisan.txt
- %TEMP%\RarSFX0\silent.exe
- %TEMP%\RarSFX0\RUN.exe
- %TEMP%\RarSFX0\IDMan.exe
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''