Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Taskbar' = '%ALLUSERSPROFILE%\Application Data\Taskbar\taskbar.exe'
- '<SYSTEM32>\schtasks.exe' /delete /f /tn "Taskbar"
- '<SYSTEM32>\xcopy.exe' <Имя вируса>.exe "%ALLUSERSPROFILE%\Application Data\Taskbar" /h /y
- '<SYSTEM32>\reg.exe' ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Taskbar" /t REG_SZ /d "%ALLUSERSPROFILE%\Application Data\Taskbar\taskbar.exe" /f
- '<SYSTEM32>\taskkill.exe' /f /im taskbar.exe
- '<SYSTEM32>\taskkill.exe' /f /im unins001.exe
- '<SYSTEM32>\reg.exe' DELETE "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /V Taskbar /f
- %ALLUSERSPROFILE%\Application Data\Taskbar\<Имя вируса>.exe
- %ALLUSERSPROFILE%\Application Data\Taskbar\unrar.exe
- %ALLUSERSPROFILE%\Application Data\HomePage\unins001.exe
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: '(null)' WindowName: '(null)'