Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'svctt' = '%WINDIR%\config\explorar.exe'
- <SYSTEM32>\reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "svctt" /t REG_SZ /d "%WINDIR%\config\explorar.exe" /f
- <SYSTEM32>\taskkill.exe /F /IM firefox.exe
- <SYSTEM32>\taskkill.exe /F /IM opera.exe
- firefox.exe
- opera.exe
- %WINDIR%\Config\explorar.exe
- ClassName: '' WindowName: ''