Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'installedrw.exe' = 'C:\TDDownload\atruiwang\installedrw.exe'
- 'C:\TDDownload\atruiwang\installedrw.exe'
- '%PROGRAM_FILES%\atruiwang\autorw.exe'
- C:\TDDownload\atruiwang\atruiwang.exe
- C:\TDDownload\atruiwang\noiedialog.exe
- %PROGRAM_FILES%\atruiwang\autorw.exe
- C:\TDDownload\atruiwang\installedrw.exe
- C:\TDDownload\atruiwang\installedrw.exe
- 'tj.##erey.com':8088
- DNS ASK tj.##erey.com
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'