Техническая информация
- '%TEMP%\Kaspresky.exe'
- '<SYSTEM32>\wermgr.exe' -queuereporting
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\shell32.dll,OpenAs_RunDLL %TEMP%\doc.doc
- ClassName: 'OLLYDBG' WindowName: '(null)'
- %APPDATA%\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ .lnk
- %TEMP%\Kaspresky.exe
- %TEMP%\doc.doc
- %TEMP%\ico.ico
- ClassName: 'WispWindowClass' WindowName: '(null)'
- ClassName: 'OleMainThreadWndClass' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'