Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'asd' = '%WINDIR%\asd.exe'
- <SYSTEM32>\reg.exe ADD HKLM\software\microsoft\windows\currentversion\run /v asd /d %WINDIR%\asd.exe /f
- <SYSTEM32>\xcopy.exe %WINDIR%\*.tmp2 %WINDIR%\*.exe
- %WINDIR%\asd.tmp2
- %WINDIR%\asd.exe
- %WINDIR%\trojan.ini
- %WINDIR%\asd.tmp
- ClassName: 'Shell_TrayWnd' WindowName: ''