Техническая информация
- %TEMP%\RarSFX0\imPcRemoteInstant.exe -c
- %TEMP%\RarSFX0\ultravnc.ini
- %TEMP%\RarSFX0\vnchooks.dll
- %TEMP%\RarSFX0\SCHook.dll
- %TEMP%\RarSFX0\logmessages.dll
- %TEMP%\RarSFX0\rpuvnc.exe
- %TEMP%\RarSFX0\imPcRemoteInstant.exe
- %TEMP%\RarSFX0\brand.ini
- <SYSTEM32>\wbem\Performance\WmiApRpl_new.ini
- %TEMP%\RarSFX0\brand.ico
- %TEMP%\RarSFX0\SecureVNCPlugin.dsm
- %TEMP%\RarSFX0\cad.exe
- %TEMP%\RarSFX0\driver\driver\mv2.sys
- %TEMP%\RarSFX0\driver\install.bat
- %TEMP%\RarSFX0\driver\driver\mv2.inf
- %TEMP%\RarSFX0\driver\driver\mv2.cat
- %TEMP%\RarSFX0\driver\driver\mv2.dll
- %TEMP%\RarSFX0\driver\install_silent.bat
- %TEMP%\RarSFX0\driver\uninstall_silent.bat
- %TEMP%\RarSFX0\logging.dll
- %TEMP%\RarSFX0\driver\uninstall.bat
- %TEMP%\RarSFX0\driver\license.txt
- %TEMP%\RarSFX0\driver\setupdrv.exe
- 'co.##om-co.net':5555
- 's0#.##pcremote.com':5555
- DNS ASK co.##om-co.net
- DNS ASK s0#.##pcremote.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''