Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Isass.exe' = 'C:\Users\Public\Microsoft Build\Isass.exe'
- [<HKLM>\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'Isass.exe' = 'C:\Users\Public\Microsoft Build\Isass.exe'
- C:\far2\far.exe
- <Drive name for removable media>:\wrar520.exe
- C:\users\public\microsoft build\isass.exe
- %TEMP%\jwrmy
- %TEMP%\ddpxw
- %TEMP%\jwrmy
- %TEMP%\ddpxw
- ClassName: '' WindowName: 'PartyPoker.com: Poker Lobby '
- ClassName: '' WindowName: 'Titan Poker login'
- ClassName: '' WindowName: 'Log In'
- ClassName: '' WindowName: 'Full Tilt Poker'
- 'C:\users\public\microsoft build\isass.exe'
- 'C:\users\public\microsoft build\isass.exe' Tablet <Full path to file>
- 'C:\users\public\microsoft build\isass.exe' ' (with hidden window)
- 'C:\users\public\microsoft build\isass.exe' Tablet <Full path to file>' (with hidden window)