Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'HNCC' = '%HOMEPATH%\Desktop\RedAlert.exe'
- Windows Task Manager (Taskmgr)
- %HOMEPATH%\desktop\del.bat
- %HOMEPATH%\desktop\redalert.exe
- ClassName: 'EDIT' WindowName: ''
- '%HOMEPATH%\desktop\redalert.exe'