Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\zenupdate] 'ImagePath' = '%WINDIR%\Windows\1.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\zenupdate] 'Start' = '00000002'
- '<SYSTEM32>\sc.exe' create zenupdate binPath= %WINDIR%\Windows\1.exe DisplayName= Zenupdate type= own start= auto
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\RarSFX0\1.bat" "
- %TEMP%\RarSFX0\2.bat.lnk
- %TEMP%\RarSFX0\3.bat
- %TEMP%\RarSFX0\1.bat
- %TEMP%\RarSFX0\3.bat
- %TEMP%\RarSFX0\2.bat.lnk
- %TEMP%\RarSFX0\1.bat
- ClassName: 'EDIT' WindowName: ''