Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] 'Microsoft DLLs Services' = 'windlls.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Microsoft DLLs Services' = 'windlls.exe'
- <SYSTEM32>\windlls.exe 460 "<Полный путь к вирусу>"
- <SYSTEM32>\windlls.exe
- <SYSTEM32>\windlls.exe
- '62.##.142.11':6555