Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '' = '<Полный путь к вирусу>'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '' = 'C:\Root\Shell32.Com'
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\Windows.com
- outpost.exe
- AVP.EXE
- bdagent.exe
- C:\USER-4BB09A9C02\%USERNAME%\Documents and Settings\Start Menu\Programs\Startup\Windows.com
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Windows.com
- C:\Users\USER-4BB09A9C02\%USERNAME%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows.com
- C:\Root\Shell32.Com
- C:\Root\Ekran.Bmp
- ClassName: 'Indicator' WindowName: ''