Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Okl' = '<Полный путь к вирусу>'
- %WINDIR%\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
- %WINDIR%\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\19b50dd470540911fc5cc65331a769e4\ComSvcConfig.ni.exe
- %WINDIR%\$NtUninstallWIC$\spuninst\spuninst.exe
- %WINDIR%\$NtUninstallKB942288-v3$\msiexec.exe
- %WINDIR%\$NtUninstallKB942288-v3$\spuninst\spuninst.exe
- %WINDIR%\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\6781b87c8d3b55e6120b1e86bea6e040\ServiceModelReg.ni.exe
- %WINDIR%\assembly\NativeImages_v2.0.50727_32\SMSvcHost\b9c1a29e684bc02e49226ff1e9eec253\SMSvcHost.ni.exe
- %WINDIR%\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\9469981a17c01dd154c540127e678b35\PresentationFontCache.ni.exe
- %WINDIR%\assembly\NativeImages_v2.0.50727_32\dfsvc\a2865dcec9c5d3cc9c55f026cbad6fcc\dfsvc.ni.exe
- %WINDIR%\assembly\NativeImages_v2.0.50727_32\MSBuild\87c84ffaaad81d8d106a9aa9d68b5926\MSBuild.ni.exe
- %WINDIR%\winhlp32.exe
- %WINDIR%\regedit.exe
- %WINDIR%\sfk.exe
- %WINDIR%\NOTEPAD.EXE
- %WINDIR%\explorer.exe
- %WINDIR%\hh.exe
- %WINDIR%\twunk_32.exe
- %WINDIR%\winhelp.exe
- %WINDIR%\twunk_16.exe
- %WINDIR%\sleep.exe
- %WINDIR%\TASKMAN.EXE
- ClassName: 'Indicator' WindowName: ''