Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Slave] 'Start' = '00000002'
- '%WINDIR%\Slave.exe'
- '%TEMP%\afolder\slave.exe'
- '<SYSTEM32>\attrib.exe' +h %TEMP%\ztmp
- C:\ra_slave.log
- %WINDIR%\Slave.exe
- %TEMP%\ztmp\tmp6346.exe
- %TEMP%\afolder\slave.exe
- %TEMP%\ztmp\tmp8770.bat
- %TEMP%\ztmp\tmp6346.exe
- %TEMP%\afolder\slave.exe
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'SysListView32' WindowName: ''