Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'i' = '%WINDIR%\init.exe'
- %WINDIR%\explorer
- %WINDIR%\init.exe
- <SYSTEM32>\find.exe "Configuration for interface"
- %TEMP%\i.tmp
- %APPDATA%\int.ico
- %APPDATA%\ints.ico
- %WINDIR%\init.exe
- %WINDIR%\rundll
- %WINDIR%\explorer
- %APPDATA%\int.ico
- %APPDATA%\ints.ico
- %WINDIR%\explorer
- %WINDIR%\init.exe
- %WINDIR%\rundll
- %TEMP%\i.tmp
- ClassName: 'AutoHotkey' WindowName: '%WINDIR%\explorer'
- ClassName: '#32771' WindowName: ''
- ClassName: 'AutoHotkey' WindowName: '%WINDIR%\init.exe'
- ClassName: 'AutoHotkey' WindowName: '<Полный путь к вирусу>'
- ClassName: 'Shell_TrayWnd' WindowName: ''