Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windowsrun' = '<Полный путь к вирусу>'
- '<SYSTEM32>\taskkill.exe' /f /im UnLocker v3.0.exe
- '<SYSTEM32>\taskkill.exe' /f /im UnLocker.exe
- '<SYSTEM32>\taskkill.exe' /f /im taskmgr.exe
- '<SYSTEM32>\taskkill.exe' /f /im cmd.exe
- '<SYSTEM32>\taskkill.exe' /f /im explorer.exe
- <SYSTEM32>\cmd.exe
- ClassName: '(null)' WindowName: 'UnLocker v2.0 by DOC Foreve Olone'
- ClassName: '(null)' WindowName: '???????? Unlocker v3.1'
- ClassName: '(null)' WindowName: 'Unlocker v2.0'
- ClassName: '(null)' WindowName: 'Unlocker by AleX 2.2'
- ClassName: '(null)' WindowName: 'ServiceAntiWinLocker'
- ClassName: '(null)' WindowName: 'Unlocker v3.1'
- ClassName: '(null)' WindowName: 'Unlocker v3.2'
- ClassName: '(null)' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'Unlocker v3.0'
- ClassName: '(null)' WindowName: 'Unlocker v 1.0 (beta)'
- ClassName: '(null)' WindowName: 'Unlocker v2.5'
- ClassName: '(null)' WindowName: 'New Unlocker by DOC'
- ClassName: 'Win32 - ???????' WindowName: '(null)'
- ClassName: 'NOTEPAD' WindowName: '(null)'
- ClassName: 'New Unlocker by DOC' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: '??? ?????????' WindowName: '(null)'
- ClassName: 'CMD' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'Win32 - ???????'
- ClassName: '(null)' WindowName: '????????? ????? Windows'
- ClassName: '(null)' WindowName: 'cmd'
- ClassName: '(null)' WindowName: '??? ?????????'
- ClassName: '(null)' WindowName: 'AntiWinLockerTray'