Technical information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'csmos' = '<SYSTEM32>\csmos.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '<Full path to virus>' = '<Full path to virus>:*:Enabled:Microsoft Windows Update Platform'
- User Account Control (UAC)
- <SYSTEM32>\csmos.exe
- ClassName: 'Chrome_WidgetWin_0' WindowName: 'Tiny H-Pot v1.6'
- ClassName: 'Chrome_WidgetWin_0' WindowName: '<Auxiliary name>'
- ClassName: 'Chrome_WidgetWin_0' WindowName: '<SYSTEM32>\cscript.exe'
- ClassName: 'Chrome_WidgetWin_0' WindowName: 'Connections Tray'
- ClassName: 'Chrome_WidgetWin_0' WindowName: 'Program Manager'
- ClassName: 'Chrome_WidgetWin_0' WindowName: 'MS_WebcheckMonitor'
- ClassName: 'Chrome_WidgetWin_0' WindowName: 'Power Meter'
- ClassName: 'Chrome_WidgetWin_0' WindowName: '<Auxiliary name> - build Mar 22 2011'
- ClassName: 'Chrome_WidgetWin_0' WindowName: 'TF_FloatingLangBar_WndTitle'
- ClassName: 'Chrome_WidgetWin_0' WindowName: 'CiceroUIWndFrame'
- ClassName: 'NDDEAgnt' WindowName: 'NetDDE Agent'
- ClassName: 'Chrome_WidgetWin_0' WindowName: ''
- ClassName: 'Chrome_WidgetWin_0' WindowName: 'HACKED5332#5'
- ClassName: 'Chrome_WidgetWin_0' WindowName: 'NAB'
- ClassName: 'Chrome_WidgetWin_0' WindowName: 'Form2'