Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'configuration' = '%WINDIR%\configuration\configuration.exe'
- '%WINDIR%\CIDD_P\lsass.exe'
- '%WINDIR%\explorer.exe' <Текущая директория>\<Имя вируса>
- %WINDIR%\CIDD_P\55524E58594D4156\nam.dll
- %WINDIR%\configuration\configuration.exe
- %WINDIR%\CIDD_P\lsass.exe
- %WINDIR%\CIDD_P\55524E58594D4156\br.dll
- %WINDIR%\CIDD_P\55524E58594D4156\br.dll
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''