Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'UPD_H' = '%WINDIR%\update.vbs'
- <SYSTEM32>\attrib.exe -H -S <DRIVERS>\etc\lmhosts.sam
- <SYSTEM32>\attrib.exe -H -S <DRIVERS>\etc\hosts
- <SYSTEM32>\attrib.exe -H -S <DRIVERS>\etc\protocol
- <SYSTEM32>\attrib.exe -H -S <DRIVERS>\etc\networks
- <SYSTEM32>\attrib.exe +H +S update.vbs
- <SYSTEM32>\wscript.exe "%WINDIR%\setup.vbs"
- <SYSTEM32>\cmd.exe /c %TEMP%\sys.bat
- <SYSTEM32>\cmd.exe /c ""%WINDIR%\update.bat" "
- <SYSTEM32>\wscript.exe "%WINDIR%\update.vbs"
- %WINDIR%\setup.vbs
- %WINDIR%\update.bat
- %WINDIR%\update.vbs
- %TEMP%\sys.bat
- %WINDIR%\update.vbs
- %WINDIR%\update.bat
- '94.##9.188.62':45612
- ClassName: 'Shell_TrayWnd' WindowName: ''