Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Gfx Module] 'Start' = '00000002'
- <Полный путь к вирусу>
- %WINDIR%\Performance\GfxModule.exe
- %WINDIR%\Performance\RCX5.tmp
- %WINDIR%\Performance\DbEntry2.idx
- %WINDIR%\Performance\RCX4.tmp
- <Текущая директория>\_desktop.ini
- %WINDIR%\Performance\RCX6.tmp
- %WINDIR%\Performance\DbEntry3.idx
- %WINDIR%\Performance\RCX2.tmp
- %WINDIR%\Performance\RCX1.tmp
- %WINDIR%\Performance\GfxUI.txt
- %WINDIR%\Performance\DbEntry1.idx
- %WINDIR%\Performance\RCX3.tmp
- %WINDIR%\Performance\GfxModule.txt
- <Текущая директория>\_desktop.ini
- %WINDIR%\Performance\DbEntry2.idx
- %WINDIR%\Performance\DbEntry3.idx
- %WINDIR%\Performance\DbEntry1.idx
- %WINDIR%\Performance\GfxUI.txt
- %WINDIR%\Performance\GfxModule.txt
- из <Полный путь к вирусу> в <Текущая директория>\_thumbs.db
- ClassName: 'Shell_TrayWnd' WindowName: ''