Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'vdw0rm' = '%APPDATA%\vdw0rm.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\vdw0rm.vbs
- '%CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE' -x -s 632
- '<SYSTEM32>\schtasks.exe' /create /sc minute /mo 15 /tn "vdw0rm" /tr "%APPDATA%\vdw0rm.exe"
- '%APPDATA%\vdw0rm.exe'
- %TEMP%\1FDA4.dmp
- %TEMP%\dw.log
- %APPDATA%\vdw0rm.exe
- ClassName: 'Shell_TrayWnd' WindowName: ''