Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] 'Rundll' = '<SYSTEM32>\scandisk.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'host' = '<SYSTEM32>\scandisk.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '' = '<SYSTEM32>\scandisk.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] '' = '<SYSTEM32>\scandisk.exe'
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\Microsoft Windows update.lnk
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'EnableFirewall' = '00000000'
- <SYSTEM32>\wscript.exe ""%TEMP%\brest2.vbs""
- %TEMP%\brest2.vbs