Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Station' = '%WINDIR%\inf\winlogon.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'JFF' = '<SYSTEM32>\dllcache\services.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Help' = '%WINDIR%\help\Help.exe'
- '<DRIVERS>\JCheck.exe'
- '%WINDIR%\regedit.exe' /s <SYSTEM32>\reg.reg
- %WINDIR%\Help\Help.exe
- %WINDIR%\KDC.ykw
- <SYSTEM32>\reg.reg
- <DRIVERS>\JCheck.exe
- %WINDIR%\Ver3.dat
- %WINDIR%\Ver3_.dat
- %TEMP%\~DF4D99.tmp
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: 'RegEdit_RegEdit' WindowName: '(null)'