Техническая информация
- '%PROGRAM_FILES%\Company\NewProduct\RMS.exe'
- '%PROGRAM_FILES%\Company\NewProduct\BILIARDI.exe'
- '<SYSTEM32>\msiexec.exe' /V
- '<SYSTEM32>\msiexec.exe' /x {54067864-C0E7-47DB-A0C1-D6C874CE6BD8} /qn REBOOT=ReallySuppress
- '<SYSTEM32>\ping.exe' 127.0.0.1
- '<SYSTEM32>\msiexec.exe' /x {61FFA475-24D5-44FB-A51F-39B699E3D82C} /qn REBOOT=ReallySuppress
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\7ZipSfx.000\install.cmd" "
- '<SYSTEM32>\chcp.com' 1251
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- %TEMP%\7ZipSfx.000\28.reg
- %TEMP%\7ZipSfx.000\install.cmd
- %PROGRAM_FILES%\Company\NewProduct\Uninstall.ini
- %PROGRAM_FILES%\Remote Manipulator System - Host\winmm.dll
- %TEMP%\7ZipSfx.000\winmm.dll
- %TEMP%\7ZipSfx.000\rms.host5.6ru.msi
- %PROGRAM_FILES%\Company\NewProduct\BILIARDI.exe
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- %PROGRAM_FILES%\Company\NewProduct\Uninstall.exe
- %TEMP%\$inst\0001.tmp
- %PROGRAM_FILES%\Company\NewProduct\RMS.exe
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\0001.tmp
- 'ax##er.com':80
- ax##er.com/billiards_advert.php
- DNS ASK ax##er.com
- ClassName: 'Shell_TrayWnd' WindowName: ''