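Техническая информация (заголовки разделов отчёта в этом фрагменте не сохранились; повторяющиеся ниже пути, по-видимому, относятся к разным действиям над одним и тем же файлом)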
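- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 'AppInit_Dlls' = 'msosfmsq00.dll' (механизм автозапуска: библиотеки, перечисленные в AppInit_DLLs, загружаются в каждый процесс, который загружает user32.dll)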
- %WINDIR%\win.ini
- [<HKLM>\SYSTEM\ControlSet001\Services\msfpfis64] 'ImagePath' = '<DRIVERS>\msosmsfpfis64.sys'
- [<HKLM>\SYSTEM\ControlSet001\Services\msfpfis64] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы)
- <DRIVERS>\beep.sys
- <DRIVERS>\beep.sys
- '<SYSTEM32>\cmd.exe' /c del "<Полный путь к вирусу>" (удаление собственного исходного файла)
- <SYSTEM32>\msosfmsq.dat
- <DRIVERS>\msosmsfpfis64.sys
- <SYSTEM32>\dllcache\beep.sys.new
- %TEMP%\tmp1.tmp
- <SYSTEM32>\msosfmsq00.dll
- %TEMP%\tmp1.tmp
- <DRIVERS>\beep.sys
- ClassName: 'ZElementClient Window' WindowName: ''
- ClassName: 'ElementClient Window' WindowName: ''