Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Service Support] 'Start' = '00000002'
- C:\ssmarque.scr /S
- <SYSTEM32>\svchost.exe -k netsvcs
- <SYSTEM32>\reg.exe ADD HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\Service Support\Parameters /v ServiceDll /t REG_EXPAND_SZ /d "<SYSTEM32>\dllcache\srvsupp.dll"
- <SYSTEM32>\taskkill.exe /f /t /im KSafeTray.exe
- %WINDIR%\antivir.reg
- %TEMP%\125406_res.tmp
- C:\ssmarque.scr
- %WINDIR%\antivir.txt
- <SYSTEM32>\dllcache\srvsupp.dll
- %WINDIR%\antivir.reg
- %WINDIR%\antivir.txt
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''