Техническая информация
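- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'sys32kern' = '<Полный путь к вирусу>' (параметр в ключе Run обеспечивает автозапуск при каждом входе этого пользователя в систему; запись в HKCU не требует прав администратора, поэтому при проверке автозагрузки следует просматривать и пользовательские ветки реестра)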
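- '<SYSTEM32>\taskkill.exe' /pid=3716 (здесь и далее: значения PID назначаются системой при запуске процессов и на другой машине будут иными, поэтому индикатором служит сама серия вызовов taskkill.exe, а не конкретные числа)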
- '<SYSTEM32>\taskkill.exe' /pid=4032
- '<SYSTEM32>\taskkill.exe' /pid=1720
- '<SYSTEM32>\taskkill.exe' /pid=3232
- '<SYSTEM32>\taskkill.exe' /pid=3352
- '<SYSTEM32>\taskkill.exe' /pid=3344
- '<SYSTEM32>\taskkill.exe' /pid=3592
- '<SYSTEM32>\taskkill.exe' /pid=3072
- '<SYSTEM32>\taskkill.exe' /pid=2760
- '<SYSTEM32>\taskkill.exe' /pid=3044
- '<SYSTEM32>\taskkill.exe' /pid=3152
- '<SYSTEM32>\taskkill.exe' /pid=2996
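- '<SYSTEM32>\taskkill.exe' /C taskkill /f /im taskmgr.exe (ключ /C характерен для cmd.exe; вероятно, команда запускалась через командный интерпретатор)
- '<SYSTEM32>\taskkill.exe' /f /im taskmgr.exe (принудительное завершение Диспетчера задач по имени образа, что мешает пользователю просмотреть список процессов)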
- '<SYSTEM32>\taskkill.exe' /pid=2952
- '<SYSTEM32>\taskkill.exe' /pid=2828
- '<SYSTEM32>\taskkill.exe' /pid=2976
- '<SYSTEM32>\taskkill.exe' /pid=2572
- '<SYSTEM32>\taskkill.exe' /pid=3980
- '<SYSTEM32>\taskkill.exe' /pid=4000
- <SYSTEM32>\cmd.exe
- <SYSTEM32>\taskkill.exe
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: '(null)' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)' (Shell_TrayWnd — класс окна панели задач Windows)
- ClassName: 'Button' WindowName: '(null)'