Техническая информация
- <SYSTEM32>\reg.exe delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Wgalogon" /f
- <SYSTEM32>\taskkill.exe /f /im WgaTray.exe /T
- <SYSTEM32>\cmd.exe /c ""%WINDIR%\Temp\a00866.bat" <Полный путь к вирусу>"
- <SYSTEM32>\sfc.exe /purgecache
- %WINDIR%\Temp\a00866.bat
- %WINDIR%\Temp\a00866.bat
- <SYSTEM32>\dllcache\NT5INF.CAT
- <SYSTEM32>\dllcache\NTPRINT.CAT
- <SYSTEM32>\dllcache\OEMBIOS.CAT
- <SYSTEM32>\dllcache\netfx.cat
- <SYSTEM32>\dllcache\NT5.CAT
- <SYSTEM32>\dllcache\NT5IIS.CAT
- <SYSTEM32>\dllcache\printfilterpipelinesvc.exe
- <SYSTEM32>\dllcache\xpsshhdr.dll
- <SYSTEM32>\dllcache\xpssvcs.dll
- %WINDIR%\Temp\a00866.bat
- <SYSTEM32>\dllcache\SP2.CAT
- <SYSTEM32>\dllcache\tabletpc.cat
- <SYSTEM32>\dllcache\wmerrenu.cat
- <SYSTEM32>\dllcache\MW770.CAT
- <SYSTEM32>\dllcache\i8042prt.sys
- <SYSTEM32>\dllcache\IASNT4.CAT
- <SYSTEM32>\dllcache\IMS.CAT
- <SYSTEM32>\dllcache\filterpipelineprintproc.dll
- <SYSTEM32>\dllcache\FP4.CAT
- <SYSTEM32>\dllcache\HPCRDP.CAT
- <SYSTEM32>\dllcache\MAPIMIG.CAT
- <SYSTEM32>\dllcache\msn7.cat
- <SYSTEM32>\dllcache\msn9.cat
- <SYSTEM32>\dllcache\MSTSWEB.CAT
- <SYSTEM32>\dllcache\mediactr.cat
- <SYSTEM32>\dllcache\mouclass.sys
- <SYSTEM32>\dllcache\MSMSGS.CAT
- ClassName: '' WindowName: ''