Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Explorer.exe] 'Debugger' = '<Полный путь к вирусу>'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe] 'Debugger' = 'OFF'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe] 'Debugger' = 'OFF'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe] 'Debugger' = 'OFF'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe] 'Debugger' = 'OFF'
- %WINDIR%\Tasks\SA.DAT
- '<SYSTEM32>\svchost.exe' -k netsvcs
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\svchost.exe