Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'svchost' = '%PROGRAM_FILES%\svchost\svchost.exe'
- '<DRIVERS>\disdn\svchost.exe'
- '<SYSTEM32>\notepad.exe' <DRIVERS>\disdn\1.txt
- <DRIVERS>\disdn\wc.dat
- <DRIVERS>\disdn\1.txt
- <DRIVERS>\disdn\svchost.exe
- <DRIVERS>\disdn\gpkitclt.dll
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'