Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'DirtyRemover' = '"<SYSTEM32>\DR.exe" -auto'
- <SYSTEM32>\wscript.exe "<LS_APPDATA>\start.vbs"
- <SYSTEM32>\reg.exe add "HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Run Dirty Remover\command" /ve /d "\"<SYSTEM32>\DR.exe\" -auto" /f
- <SYSTEM32>\reg.exe add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ /v "DirtyRemover" /t REG_SZ /d "\"<SYSTEM32>\DR.exe\" -auto" /f
- <LS_APPDATA>\Help.html
- <LS_APPDATA>\UninstallDirtyRemover.bat
- <LS_APPDATA>\DirtyRemover.ini
- %TEMP%\a64212.bat
- C:\Dirty_Remover_v3(20080816)___by___n0f3a6.log
- <SYSTEM32>\DR.exe
- C:\DirtyRemover.ini
- <LS_APPDATA>\Print.bat
- <LS_APPDATA>\dr.bat
- <LS_APPDATA>\Clean.bat
- <LS_APPDATA>\TK.bat
- <LS_APPDATA>\Custom.bat
- <LS_APPDATA>\start.vbs
- <LS_APPDATA>\end.vbs
- %TEMP%\a64212.bat
- ClassName: 'Shell_TrayWnd' WindowName: ''