Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\7aasht6rf] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%CommonProgramFiles%\tysarekb\zamsdyg.exe' = '%CommonProgramFiles%\tysarekb\zamsdyg.exe:*:Enabled:gpastrpkf'
- '%CommonProgramFiles%\tysarekb\zamsdyg.exe'
- %CommonProgramFiles%\tysarekb\zamsdyg.exe
- %CommonProgramFiles%\tysarekb\zamsdyg.exe
- <Полный путь к вирусу>