Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{AAEFD7FC-BB9C-FCDD-C0AC-FF1D4CB67D6C}] 'StubPath' = '%APPDATA%\Vid.exe'
- [<HKCU>\Software\Microsoft\Active Setup\Installed Components\{AAEFD7FC-BB9C-FCDD-C0AC-FF1D4CB67D6C}] 'StubPath' = '%APPDATA%\Vid.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'svchost' = '%APPDATA%\Vid.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'svchost' = '%APPDATA%\Vid.exe'
- <Drive name for removable media>:\Autorun.ini
- <Drive name for removable media>:\<Virus name>.exe
- %APPDATA%\data.dat
- %APPDATA%\Vid.exe
- <Drive name for removable media>:\Autorun.ini
- <Drive name for removable media>:\<Virus name>.exe
- ClassName: 'Indicator' WindowName: ''