Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = 'explorer.exe "%CommonProgramFiles%\System\svchost.exe"'
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\update.exe
- %CommonProgramFiles%\System\svchost.exe
- %CommonProgramFiles%\System\sys_vd4.dat
- %TEMP%\nsd2.tmp
- %CommonProgramFiles%\System\svchost.exe
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\update.exe
- %CommonProgramFiles%\System\sys_vd4.dat