Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'BatteryCare' = '<Полный путь к вирусу>'
- <SYSTEM32>\powercfg.exe /BATTERYALARM critical
- <SYSTEM32>\powercfg.exe /BATTERYALARM low
- %APPDATA%\BatteryCare\dbB.dat
- %APPDATA%\BatteryCare\optionsB.dat
- %APPDATA%\BatteryCare\db.dat
- %APPDATA%\BatteryCare\options.dat
- %APPDATA%\BatteryCare\log.txt
- 'up####.batterycare.net':80
- up####.batterycare.net/update.bcv
- DNS ASK up####.batterycare.net
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''