Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\et47\LORREGaim.exe
- %HOMEPATH%\Start Menu\Programs\Startup\ar.exe
- '%HOMEPATH%\Start Menu\Programs\Startup\et47\LORREGaim.exe'
- '%HOMEPATH%\Start Menu\Programs\Startup\ar.exe'
- '%TEMP%\ade72.exe'
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\ftp.exe' -s:"C:\TMP\e0216ff4a0.part"
- '<SYSTEM32>\ping.exe' 8.8.8.8
- %TEMP%\CH2HEWUT.bat
- %TEMP%\4AICWJI9.bat
- C:\TMP\e0216ff4a0.part
- C:\TMP\current.fat
- %PROGRAM_FILES%\0\1\Uninstall.ini
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- %PROGRAM_FILES%\0\1\Uninstall.exe
- %TEMP%\ade72.exe
- %TEMP%\CH2HEWUT.bat
- %TEMP%\4AICWJI9.bat
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\4AICWJI9.bat
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- '31.##0.164.66':21
- 'localhost':1037
- ClassName: '#32771' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''