Техническая информация
- [<HKLM>\SOFTWARE\Classes\.exe] '' = 'exefile'
- '<SYSTEM32>\logonui.exe' /status /shutdown
- '<SYSTEM32>\cmd.exe' /c %WINDIR%system32eg.bat
- '<SYSTEM32>\taskkill.exe' /f /im 360tray.exe
- '<SYSTEM32>\shutdown.exe' -s -f
- '%WINDIR%\regedit.exe' /s reg.reg
- '<SYSTEM32>\cmd.exe' /c <Текущая директория>del.bat
- '<SYSTEM32>\taskkill.exe' /f /im Rav.exe
- '<SYSTEM32>\taskkill.exe' /f /im KVXP.kxp
- '<SYSTEM32>\taskkill.exe' /f /im kavsvc.exe
- '<SYSTEM32>\taskkill.exe' /f /im VsTskMgr.exe
- '<SYSTEM32>\taskkill.exe' /f /im Mcshield.exe
- '<SYSTEM32>\taskkill.exe' /f /im Ravmon.exe
- %WINDIR%system32eg.reg
- %WINDIR%system32eg.bat
- <Текущая директория>del.bat
- %WINDIR%system320.vbs
- %WINDIR%system320.bat
- %WINDIR%system32wscript.ico
- %WINDIR%system320.bat
- %WINDIR%system320.vbs
- %WINDIR%system32eg.reg
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'StatusWindowClass' WindowName: ''