Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'Run' = '<SYSTEM32>\dllcache\miyabi.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\srservice] 'ImagePath' = '0'
- [<HKLM>\SYSTEM\ControlSet001\Services\srservice] 'Start' = '00000000'
- [<HKLM>\SYSTEM\ControlSet001\Services\srservice\Parameters] 'ServiceDll' = '0'
- [<HKLM>\SYSTEM\ControlSet001\Services\sr] 'Start' = '00000000'
- [<HKLM>\SYSTEM\ControlSet001\Services\Spooler] 'Start' = '00000000'
- [<HKLM>\SYSTEM\ControlSet002\Services\Spooler] 'Start' = '00000000'
- [<HKLM>\SYSTEM\ControlSet001\Services\sr] 'ImagePath' = '0'
- Редактора реестра (RegEdit)
- <SYSTEM32>\wordicon.ico
- <SYSTEM32>\dllcache\miyabi.exe
- <SYSTEM32>\wordicon.ico
- <SYSTEM32>\spoolsv.exe