Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'GfxDev' = '%PROGRAM_FILES%\GfxDev\gfx.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'ATI' = '%PROGRAM_FILES%\ATI\igxTray.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'GfxDev' = 'C:\Users\%USERNAME%\AppLocal\gfx.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ATI' = 'C:\Users\%USERNAME%\AppData\Roaming\igxTray.exe'
- Средство контроля пользовательских учетных записей (UAC)
- %PROGRAM_FILES%\GfxDev\gfx.exe
- %PROGRAM_FILES%\GfxDev\gfx.exe:ZONE.identifier
- C:\Users\%USERNAME%\AppLocal\gfx.exe:ZONE.identifier
- <Полный путь к вирусу>:ZONE.identifier
- C:\Users\%USERNAME%\AppLocal\gfx.exe
- %PROGRAM_FILES%\GfxDev\gfx.exe
- C:\Users\%USERNAME%\AppLocal\gfx.exe
- C:\Users\%USERNAME%\AppLocal\gfx.exe
- ClassName: 'Indicator' WindowName: ''