Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\SYSBCKSVC] 'Start' = '00000002'
- %WINDIR%\BackupUtility\DbCompact.exe
- %WINDIR%\BackupUtility\DbEntry3.idx
- %WINDIR%\BackupUtility\RCX4.tmp
- %WINDIR%\BackupUtility\DbEntry2.idx
- <Текущая директория>\RCX6.tmp
- <Текущая директория>\_desktop.ini
- %WINDIR%\BackupUtility\RCX5.tmp
- %WINDIR%\BackupUtility\DbCompact.txt
- %WINDIR%\BackupUtility\RCX1.tmp
- %WINDIR%\BackupUtility\BackupSvc.txt
- %WINDIR%\BackupUtility\RCX3.tmp
- %WINDIR%\BackupUtility\DbEntry1.idx
- %WINDIR%\BackupUtility\RCX2.tmp
- <Текущая директория>\_desktop.ini
- %WINDIR%\BackupUtility\DbEntry2.idx
- %WINDIR%\BackupUtility\DbEntry3.idx
- <Текущая директория>\_desktop.ini
- %WINDIR%\BackupUtility\BackupSvc.txt
- %WINDIR%\BackupUtility\DbCompact.txt
- %WINDIR%\BackupUtility\DbEntry1.idx
- из <Полный путь к вирусу> в <Текущая директория>\_thumbs.db