Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Driver_Update_11' = 'E:\windows\svchost.exe -LM'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Driver_Update' = '<Имя диска съемного носителя>:\windows\svchost.exe -LM'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Driver_' = '%WINDIR%\svchost.exe -LM'
- %WINDIR%\svchost.exe
- %WINDIR%\regedit.exe /S svchost.reg
- <SYSTEM32>\xcopy.exe svchost.exe %WINDIR%\ /y /h
- <SYSTEM32>\cmd.exe /c ""%TEMP%\1.tmp\svc.bat" "
- %TEMP%\1.tmp\svchost.reg
- %WINDIR%\svchost.exe
- %TEMP%\1.tmp\svc.bat
- %TEMP%\1.tmp\svchost.exe
- %TEMP%\1.tmp\svc.bat
- %TEMP%\1.tmp\svchost.reg
- %TEMP%\1.tmp\svchost.exe
- ClassName: 'RegEdit_RegEdit' WindowName: ''