Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'WinLogOn' = '%WINDIR%\wshell.exe'
- <SYSTEM32>\attrib.exe +S +H +R %WINDIR%\wshell.exe
- <SYSTEM32>\attrib.exe +S +H +R C:\$_8322_3_GEDZAC_82635_FRIENDLYTEARS_(ByT3Cr0W)_24\*.*
- <SYSTEM32>\attrib.exe +S +H +R C:\$_8322_3_GEDZAC_82635_FRIENDLYTEARS_(ByT3Cr0W)_24
- C:\log.vbs
- %WINDIR%\wshell.exe
- %WINDIR%\wshell.exe
- ClassName: '' WindowName: 'OpusAPP'
- ClassName: 'Kaspersky Anti-Virus Scanner' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: '' WindowName: 'Disco de 3?'
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: 'Disco de 3? (A:)'
- ClassName: '' WindowName: '3? Floppy (A:)'