Техническая информация
- <SYSTEM32>\net.exe stop sharedaccess
- <SYSTEM32>\attrib.exe <SYSTEM32>\cmd.bat +r +s +h
- <SYSTEM32>\taskkill.exe /f /im kav.exe
- <SYSTEM32>\net1.exe stop Shadow" "System" "Service
- <SYSTEM32>\net.exe stop Shadow" "System" "Service
- <SYSTEM32>\net1.exe stop sharedaccess
- %WINDIR%\regedit.exe /s kill.reg
- %WINDIR%\regedit.exe /s dark.reg
- <SYSTEM32>\cmd.exe /c ""%TEMP%\1.tmp\virus2.bat""
- <SYSTEM32>\attrib.exe <SYSTEM32>\darkkill.dll +s +h
- <SYSTEM32>\net1.exe start DARK
- <SYSTEM32>\sc.exe config DARK start= AUTO
- <SYSTEM32>\cmd.bat
- <Текущая директория>\dark.reg
- %TEMP%\1.tmp\virus2.bat
- <SYSTEM32>\cmd.bat
- ClassName: '' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''