Техническая информация
- Диспетчера задач (Taskmgr)
- Редактора реестра (RegEdit)
- Компонент восстановления системы (SR)
- Центр обеспечения безопасности (Security Center)
- '%WINDIR%\antivirus-platinum.exe'
- '%WINDIR%\302746537.exe'
- '<SYSTEM32>\regsvr32.exe' /s %WINDIR%\mscomctl.ocx
- '<SYSTEM32>\attrib.exe' +h %WINDIR%\antivirus-platinum.exe
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\302746537.bat" "
- '<SYSTEM32>\regsvr32.exe' /s %WINDIR%\comctl32.ocx
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoLogoff' = '00000001'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoClose' = '00000001'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] 'NoDrives' = '03FFFFFF'
- [<HKCU>\Software\Microsoft\Internet Explorer\Main] 'Window Title' = 'YOUR PC MAY BE INFECTED WITH SPYWARE OR OTHER MALICIOUS ITEMS'
- %WINDIR%\302746537.exe
- %HOMEPATH%\Desktop\AntiVirus Platinum.lnk
- %TEMP%\1.tmp\302746537.bat
- %WINDIR%\antivirus-platinum.exe
- %WINDIR%\COMCTL32.OCX
- %WINDIR%\MSCOMCTL.OCX
- %WINDIR%\antivirus-platinum.exe
- %TEMP%\1.tmp\302746537.bat
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''