Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = '<SYSTEM32>\userinit.exe,,"<Полный путь к вирусу>" un userinit.exe'
- [<HKLM>\SOFTWARE\Classes\memfile\shell\open\command] '' = '"<Полный путь к вирусу>" unlock "%1"'
- ClassName: 'TDeDeMainForm' WindowName: ''
- ClassName: 'OLLYDBG' WindowName: ''
- <SYSTEM32>\msimtf.dllъш
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'explore' WindowName: ''
- ClassName: 'MDIClient' WindowName: ''
- ClassName: '#32770' WindowName: 'И·ИПОДјюјРЙѕіэ'
- ClassName: 'TForm_Undelete' WindowName: 'Default IME'
- ClassName: 'TAppBuilder' WindowName: ''
- ClassName: '#32770' WindowName: '??????????????'