Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] 'updte' = '%APPDATA%\Microsoft\updte\svchost1.scr'
- %HOMEPATH%\Start Menu\Programs\Startup\Microsoft1.lnk
- '<SYSTEM32>\rundll32.exe' advapi32.dll,ProcessIdleTasks
- '<SYSTEM32>\defrag.exe' -p 47c -s 00000534 -b C: