Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'rundll32.exe' = 'rundll32.exe ggt.dll,Prkt'
- <SYSTEM32>\logonui.exe /status /shutdown
- <SYSTEM32>\cmd.exe /c ""%WINDIR%\sdel.bat" "<Полный путь к вирусу>""
- %WINDIR%\ggt.dll
- %WINDIR%\sdel.bat
- %WINDIR%\bnikm.sys
- <DRIVERS>\etc\host7
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'StatusWindowClass' WindowName: ''