Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'tvncontrol' = '"%WINDIR%\TVNC\tvnserver.exe" -controlservice -slave'
- [<HKLM>\SYSTEM\ControlSet001\Services\tvnserver] 'Start' = '00000002'
- %WINDIR%\TVNC\tvnserver.exe -service -controlservice -slave -install -silent -start -silent
- <SYSTEM32>\attrib.exe +h +s +r "%WINDIR%\TVNC" /d /s
- <SYSTEM32>\attrib.exe +h +s +r "%WINDIR%\TVNC\*.*" /d /s
- <SYSTEM32>\xcopy.exe "<LS_APPDATA>\tvnserver.exe" "%WINDIR%\TVNC\*.*" /r /i /c /h /k /y
- %WINDIR%\regedit.exe /s "<LS_APPDATA>\HKLM.txt"
- <SYSTEM32>\xcopy.exe "<LS_APPDATA>\screenhooks.dll" "%WINDIR%\TVNC\*.*" /r /i /c /h /k /y
- %TEMP%\2751.bat
- %WINDIR%\TVNC\screenhooks.dll
- %WINDIR%\TVNC\tvnserver.exe
- <LS_APPDATA>\HKLM.txt
- <LS_APPDATA>\screenhooks.dll
- <LS_APPDATA>\tvnserver.exe
- %WINDIR%\TVNC\tvnserver.exe
- %WINDIR%\TVNC\screenhooks.dll
- %TEMP%\2751.bat
- <LS_APPDATA>\screenhooks.dll
- <LS_APPDATA>\tvnserver.exe
- %TEMP%\2751.bat
- <LS_APPDATA>\HKLM.txt
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''