Техническая информация
- [<HKLM>\SOFTWARE\Classes\win\shell\open\command] '' = '"%1" %*'
- [<HKLM>\SYSTEM\ControlSet001\Services\netfirewall] 'ImagePath' = '%HOMEPATH%\Historial\svchost.exe'
- <SYSTEM32>\attrib.exe -h -r -s %WINDIR%\msconfig.dat
- <SYSTEM32>\attrib.exe -h -r -s %WINDIR%\svchost.exe
- <SYSTEM32>\attrib.exe -h -r -s %WINDIR%\*.win
- <SYSTEM32>\attrib.exe -h -r -s %HOMEPATH%\Historial\*.win
- <SYSTEM32>\attrib.exe +h +r +s %HOMEPATH%\Historial
- <SYSTEM32>\attrib.exe -h -r -s %HOMEPATH%\Historial\msconfig.dat
- <SYSTEM32>\attrib.exe -h -r -s %HOMEPATH%\Historial\svchost.exe
- AVP.EXE
- %HOMEPATH%\Historial\boot.win
- %HOMEPATH%\Historial\svchost.exe
- %HOMEPATH%\Historial\command.win
- %HOMEPATH%\Historial\msconfig.dat
- %HOMEPATH%\Historial\system.win
- %HOMEPATH%\Historial\system.win
- %HOMEPATH%\Historial\msconfig.dat