Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'comfig/f' = '<SYSTEM32>\comfig.exe'
- <SYSTEM32>\reg.exe add "hklm\software\microsoft\windows\currentversion\run" /v "comfig/f" /t reg_sz /d "<SYSTEM32>\comfig.exe" /f
- %TEMP%\2840TXRM.bat
- %TEMP%\2840TXRM.bat
- %TEMP%\2840TXRM.bat