Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = 'explorer.exe,%WINDIR%\SYSTEM\<Имя вируса>.exe'
- %WINDIR%\system\<Имя вируса>.exe
- %HOMEPATH%\Desktop\Internet Explorer.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
- ClassName: '#32770' WindowName: 'Windows ?????'
- ClassName: '#32770' WindowName: '(null)'
- ClassName: 'SysListView32' WindowName: '??'
- ClassName: 'Progman' WindowName: '(null)'
- ClassName: 'SHELLDLL_DefView' WindowName: '(null)'
- ClassName: 'SysListView32' WindowName: '(null)'