Техническая информация
- [<HKCU>\Control Panel\Desktop] 'SCRNSAVE.EXE' = '<SYSTEM32>\3d_Papa_Buzzie.Scr'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'Load' = 'Exploder.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = 'Explorer.exe Run.exe'
- [<HKLM>\SOFTWARE\Microsoft\Command Processor] 'AutoRun' = 'echo off|Copy %WINDIR%\Config\driver.idf C:\Mario.exe|Cls|echo. ___vicious'83 (...by Buggie_haeza-tsu)'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Norton AntiVirus' = '%PROGRAM_FILES%\Norton AntiVirus\NAVW32.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Kernel32' = 'Krnl836.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Terminal Services' = 'term32.exe'
- '<SYSTEM32>\msvrt.exe' 0
- %WINDIR%\Run.Exe
- %PROGRAM_FILES%\Norton AntiVirus\NPROTECT.exe
- <SYSTEM32>\3d_Papa_Buzzie.Scr
- %PROGRAM_FILES%\Norton AntiVirus\logo.bmp
- %WINDIR%\Krnl836.exe
- %WINDIR%\exploder.exe
- %PROGRAM_FILES%\Norton AntiVirus\NAVW32.exe
- %WINDIR%\Config\driver.idf
- <SYSTEM32>\term32.exe
- %WINDIR%\PC-health\PCguard.exe
- <SYSTEM32>\msvrt.exe
- %WINDIR%\exploder.exe
- %WINDIR%\Krnl836.exe
- %PROGRAM_FILES%\Norton AntiVirus\logo.bmp
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'