Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = '<SYSTEM32>\userinit.exe,'
- [<HKLM>\SOFTWARE\Classes\.pif] '' = 'piffile_disabled'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'protect_autorun' = '%TEMP%\AutoRunKiller.exe /start'
- %HOMEPATH%\Start Menu\Programs\Startup\win.exe
- скрытых файлов
- %TEMP%\AutoRunKiller.exe
- <SYSTEM32>\gpupdate.exe /force
- %TEMP%\aut3.tmp
- %TEMP%\AutoRunKiller.exe
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
- %TEMP%\jlfkxkz
- %TEMP%\aut2.tmp
- %TEMP%\aut3.tmp
- %TEMP%\aut1.tmp
- %TEMP%\jlfkxkz
- ClassName: '' WindowName: 'CPE17 Autorun Killer 1.8.7'
- ClassName: 'Shell_TrayWnd' WindowName: ''