Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'svchost' = '%TEMP%\svchost.exe.exe'
- '%CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE' -x -s 364
- '<SYSTEM32>\cmd.exe'
- %TEMP%\dw.log
- %TEMP%\45DFB.dmp
- %TEMP%\File to bind name....exe
- %TEMP%\svchost.exe.fede
- %TEMP%\svchost.exe.exe:ZONE.identifier
- %TEMP%\svchost.exe.fede в %TEMP%\svchost.exe.exe
- ClassName: 'Shell_TrayWnd' WindowName: ''