Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Adobe Updates' = '%HOMEPATH%\Start Menu\Programs\Startup\server.exe'
- <Полный путь к вирусу>
- %WINDIR%\Microsoft.NET\Framework\v4.0.30319\dfsvc.exe
- <SYSTEM32>\rundll32.exe dfshim.dll,ShOpenVerbApplication %TEMP%\Generate Multiple Names and Points.application
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\CAH5VINX.log
- %TEMP%\Deployment\9WKXJCM1.TRK\V25L50CL.R4Y.application
- %TEMP%\Generate Multiple Names and Points.application
- %TEMP%\Deployment\9WKXJCM1.TRK\V25L50CL.R4Y.application
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''