Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = '%WINDIR%\temp\svchost.exe'
- '%WINDIR%\Temp\notepad .exe'
- %WINDIR%\Temp\invs.vbs
- %WINDIR%\Temp\notepad .exe
- %WINDIR%\Temp\mata2.bat
- %WINDIR%\Temp\rundll11-.txt
- %WINDIR%\Temp\mata2.bat