Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\krntrfovwdt] 'ImagePath' = '<SYSTEM32>\msdtok.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\krntrfovwdt] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\winmgmt] 'Start' = '00000002'
- '<SYSTEM32>\msdtok.exe' /install /silent "Kernel Transfer Data Overview"
- <SYSTEM32>\msenuca.exe
- <SYSTEM32>\msnuqo.exe
- <SYSTEM32>\msdtok.exe
- <SYSTEM32>\mslazixe.dll
- <SYSTEM32>\mstutele.dll
- <SYSTEM32>\mssogico.dll