Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] '36tray' = '%WINDIR%\kkty\555.vbs'
- '%WINDIR%\regedit.exe' /s 12.reg
- '<SYSTEM32>\attrib.exe' +a +s +h %WINDIR%\kkty
- '<SYSTEM32>\wscript.exe' "%WINDIR%\kkty\1.vbs"
- %WINDIR%\kkty\12.reg
- %WINDIR%\kkty\555.vbs
- %WINDIR%\kkty\1.vbs
- %WINDIR%\kkty\2.bat
- ClassName: 'RegEdit_RegEdit' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'