Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = '<SYSTEM32>\userinit.exe,,"<Полный путь к вирусу>" un userinit.exe'
- [<HKLM>\SOFTWARE\Classes\memfile\shell\open\command] '' = '"<Полный путь к вирусу>" unlock "%1"'
- <SYSTEM32>\msimtf.dllъш
- ClassName: 'TD000MainForm' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MDIClient' WindowName: ''
- ClassName: 'explore' WindowName: ''
- ClassName: '#32770' WindowName: 'Eliminar?'
- ClassName: 'T0000MainForm' WindowName: ''
- ClassName: 'O000DBG' WindowName: ''
- ClassName: 'TAppBuilder' WindowName: ''
- ClassName: 'TForm_Undelete' WindowName: 'Default IME'