Техническая информация
- Запись автозапуска в ключе Run текущего пользователя: [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Microsoft Windows Runtime 6' = '%APPDATA%\kernel32.lnk'
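Запуски attrib.exe с ключами +h +s (устанавливают на указанные файлы атрибуты «скрытый» и «системный»):
- <SYSTEM32>\attrib.exe +h +s %APPDATA%\svrhost.exe
- <SYSTEM32>\attrib.exe +h +s %APPDATA%\kernel32.lnk
- <SYSTEM32>\attrib.exe +h +s %APPDATA%\file.txt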
- <SYSTEM32>\cmd.exe /c %TEMP%\tempd.bat
- [<HKCU>\Software\Yahoo\Pager]
- %APPDATA%\kernel32.lnk.lnk
- %TEMP%\tempd.bat
- %APPDATA%\mgwz.dll
- %TEMP%\tempd.bat
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''