Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\run] 'get' = 'c:\program1\get\svchost.exe'
- 'C:\program1\Get\svchost.exe'
- '<SYSTEM32>\cmd.exe' /c c:\del.bat
- C:\del.bat
- C:\program1\Get\svchost
- C:\program1\Get\svchost в C:\program1\Get\svchost.exe