Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Systemini' = '<DRIVERS>\etc\hosts.bat'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'TaskP' = '%WINDIR%\TaskP.exe'
- C:\No Israel.exe
- %ALLUSERSPROFILE%\User123.exe
- C:\Systemini.vbs
- C:\Alah Akbar.exe
- C:\Documents and Settings\XPPRESP3\Application Data\App.exe
- %WINDIR%\TaskP.exe
- <LS_APPDATA>\Microsoft\Microsoft.exe
- C:\Documents and Settings\XPPRESP3\Application\App.exe
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'