Техническая информация
- %TEMP%\1.tmp\8.exe
- <SYSTEM32>\reg.exe delete "HKLM\SYSTEM\Remote Manipulator System" /f
- <SYSTEM32>\attrib.exe +s +h "<SYSTEM32>\catroot3"
- <SYSTEM32>\attrib.exe +s +h +r ""%TEMP%\blat.dll""
- <SYSTEM32>\cmd.exe /c ""%TEMP%\1.tmp\install.bat" "
- <SYSTEM32>\taskkill.exe /f /im RManServer.exe
- <SYSTEM32>\taskkill.exe /f /im rutserv.exe
- <SYSTEM32>\catroot3\dsfVorbisEncoder.dll
- <SYSTEM32>\catroot3\dsfTheoraEncoder.dll
- <SYSTEM32>\catroot3\Microsoft.VC80.CRT.manifest
- <SYSTEM32>\catroot3\HookDrv.dll
- <SYSTEM32>\catroot3\dsfOggMux.dll
- %TEMP%\1.tmp\Microsoft.VC80.CRT.manifest
- %TEMP%\1.tmp\HookDrv.dll
- <SYSTEM32>\de.exe
- %TEMP%\1.tmp\msvcp80.dll
- <SYSTEM32>\catroot3\rversionlib.dll
- <SYSTEM32>\catroot3\rutserv.exe
- <SYSTEM32>\catroot3\set.reg
- <SYSTEM32>\catroot3\RWLN.dll
- <SYSTEM32>\catroot3\RIPCServer.dll
- <SYSTEM32>\catroot3\msvcr80.dll
- <SYSTEM32>\catroot3\msvcp80.dll
- <SYSTEM32>\catroot3\PushSource.ax
- <SYSTEM32>\catroot3\rfusclient.exe
- %TEMP%\1.tmp\dsfVorbisEncoder.dll
- %TEMP%\1.tmp\rutserv.exe
- %TEMP%\1.tmp\RIPCServer.dll
- %TEMP%\1.tmp\RWLN.dll
- %TEMP%\1.tmp\rversionlib.dll
- %TEMP%\1.tmp\rfusclient.exe
- %TEMP%\1.tmp\msvcr80.dll
- %TEMP%\1.tmp\install.bat
- %TEMP%\1.tmp\realip.exe
- %TEMP%\1.tmp\PushSource.ax
- %TEMP%\1.tmp\de.exe
- %TEMP%\1.tmp\blat.lib
- %TEMP%\1.tmp\dsfTheoraEncoder.dll
- %TEMP%\1.tmp\dsfOggMux.dll
- %TEMP%\1.tmp\blat.exe
- %TEMP%\1.tmp\stop.js
- %TEMP%\1.tmp\set.reg
- %TEMP%\1.tmp\blat.dll
- %TEMP%\1.tmp\8.exe
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''