Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'HNCC' = '%HOMEPATH%\Desktop\d\RedAlert.exe'
- Windows Task Manager (Taskmgr)
- %HOMEPATH%\desktop\d\redalert.exe
- %HOMEPATH%\desktop\d\del.bat
- ClassName: 'EDIT' WindowName: ''
- '%HOMEPATH%\desktop\d\redalert.exe'