Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'DiraServices' = '<SYSTEM32>\DiraServices.exe'
- <SYSTEM32>\find.exe /i "Fluro.exe"
- <SYSTEM32>\ping.exe 127.1 -n 320
- <SYSTEM32>\tasklist.exe
- %WINDIR%\regedit.exe /S "%HOMEPATH%\Local Settings\Temp.\DefOpen.reg"
- %WINDIR%\regedit.exe /S "%HOMEPATH%\Local Settings\Temp.\DateChange.reg"
- %TEMP%\DateChange.reg
- %TEMP%\DefOpen.reg
- %TEMP%\~1.bat
- %TEMP%\~1.bat
- %TEMP%\DateChange.reg
- %TEMP%\DefOpen.reg
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''