Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'teste' = '"%WINDIR%\progama.bat"'
- %WINDIR%\teste.exe
- %WINDIR%\anony1.exe
- %TEMP%\RemoteRebootX.exe
- %TEMP%\Hacker Tibia Extreme v1.exe
- %WINDIR%\regedit.exe /s %WINDIR%\teste.reg
- <SYSTEM32>\cmd.exe /c ""%WINDIR%\progama.bat" "
- %WINDIR%\teste.reg
- %WINDIR%\teste.exe
- %WINDIR%\comandos.txt
- %WINDIR%\anony.html
- %TEMP%\Hacker Tibia Extreme v1.exe
- %TEMP%\RemoteRebootX.exe
- %WINDIR%\progama.bat
- %WINDIR%\anony1.exe
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''