Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\IncAuthdService\Parameters] 'ServiceDll' = '<SYSTEM32>\msvfw16.dll'
- [<HKLM>\SYSTEM\ControlSet001\Services\IncAuthdService] 'ImagePath' = '<SYSTEM32>\svchost.exe -k netsworksvc'
- [<HKLM>\SYSTEM\ControlSet001\Services\IncAuthdService] 'Start' = '00000002'
- '<SYSTEM32>\cmd.exe' /c del "<Полный путь к вирусу>"
- '<SYSTEM32>\cmd.exe' /c echo 12345><SYSTEM32>\setup\hid32.log
- <SYSTEM32>\Setup\wuauclt1.exe
- <SYSTEM32>\hid32.dll
- <SYSTEM32>\Setup\hid32.log
- <SYSTEM32>\msvfw16.dll
- <SYSTEM32>\Setup\hid32.log