Technical Information
- [<HKLM>\Software\Microsoft\Active Setup\Installed Components\{394D0E87-8E3E-067C-1352-4C9AC52F3F7E}] 'StubPath' = '<Current directory>\server.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'svchost.exe' = '<Current directory>\server.exe'
- %WINDIR%\explorer.exe
- ClassName: 'FileMonClass', WindowName: ''
- ClassName: 'RegMonClass', WindowName: ''
- ClassName: 'PROCMON_WINDOW_CLASS', WindowName: ''
- <Current directory>\server.exe
- <Current directory>\melt.bat
- '<LOCALNET>.1.3':81
- ClassName: 'ThunderRT6FormDC' WindowName: 'Shareware Cheater v 3.0'
- ClassName: 'ThunderRT6FormDC' WindowName: ''
- '<Current directory>\server.exe'
- '<Current directory>\server.exe' ' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c Melt.bat' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c Melt.bat
- '%ProgramFiles%\opera\launcher.exe' -noautoupdate -- "%1"