Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'MicrosoftWindowsOperatingSystem' = '%WINDIR%\system\cmdWindows.exe'
- '<SYSTEM32>\reg.exe' ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v MicrosoftWindowsOperatingSystem /t REG_SZ /d %WINDIR%\system\cmdWindows.exe
- %WINDIR%\system\cmdWindows.exe
- '14.#.21.118':12345
- ClassName: 'Indicator' WindowName: '(null)'