Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'WindowsUpdate' = '%APPDATA%\update.bat'
- '<SYSTEM32>\reg.exe' add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v WindowsUpdate /d "%APPDATA%\update.bat" /t REG_SZ /f
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\update.bat" "
- %APPDATA%\update.bat
- %WINDIR%\SysWOW64\Cabal.dll
- %TEMP%\update.bat
- %TEMP%\Trainer.exe
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''