Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'win' = '<SYSTEM32>\win.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'svc' = '<SYSTEM32>\svc.exe'
- <SYSTEM32>\regsvr32.exe mswinsck.ocx
- <SYSTEM32>\taskkill.exe /im win.exe
- <SYSTEM32>\taskkill.exe /im svc.exe
- %TEMP%\~DF81E.tmp
- ClassName: '' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''