Техническая информация
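- [<HKLM>\SYSTEM\ControlSet001\Services\5080376f] 'Start' = '00000002'
  (значение Start = 2 соответствует автоматическому запуску службы при старте системы; имя службы 5080376f совпадает с именем файла драйвера <DRIVERS>\5080376f.sys из списка ниже)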
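- '%TEMP%\adm\adinstall.exe' /VERYSILENT /SUPPRESSMSGBOXES
- '%TEMP%\is-O519L.tmp\adinstall.tmp' /SL5="$40038,257361,138240,%TEMP%\adm\adinstall.exe" /VERYSILENT /SUPPRESSMSGBOXES
  (ключи /VERYSILENT и /SUPPRESSMSGBOXES — параметры установщика Inno Setup: установка выполняется без окон и диалогов, то есть незаметно для пользователя)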
- '%TEMP%\2bb76.tmp'
- '%TEMP%\359ba.exe'
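- '<SYSTEM32>\regsvr32.exe' /s /c <SYSTEM32>\kakutk.dll
  (регистрация библиотеки через regsvr32; ключ /s подавляет вывод сообщений; сама kakutk.dll указана ниже среди файлов в <SYSTEM32>)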
- %TEMP%\B1.zip
- %TEMP%\is-DIF00.tmp\_isetup\_shfoldr.dll
- %TEMP%\A1.zip
- %TEMP%\uhutJiRj.dll
- %TEMP%\FDhJrbUy.dll
- %TEMP%\C1.zip
- <SYSTEM32>\kakutk.dll
- %TEMP%\359ba.exe
- <Полный путь к вирусу>
- %TEMP%\2bb76.tmp
- <DRIVERS>\5080376f.sys
- %TEMP%\is-O519L.tmp\adinstall.tmp
- %TEMP%\adm\adinstall.exe
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''