Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'run' = '%WINDIR%\conmand.com'
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- %WINDIR%\win.bat
- %WINDIR%\conmand.exe
- %WINDIR%\welcome.pif
- %WINDIR%\system\win.bat
- %WINDIR%\win.pif
- %WINDIR%\conmand.com
- <SYSTEM32>.com
- %WINDIR%\ini.bat
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- ClassName: '' WindowName: 'Documento1 - Microsoft Word'
- ClassName: '' WindowName: 'X$?|????$?|p#$'
- ClassName: '' WindowName: 'X$Ђ|яяяя$Ђ|p#$'
- ClassName: '' WindowName: 'InformaciГіn del sistema de Microsoft'
- ClassName: '' WindowName: 'Calculadora'
- ClassName: '' WindowName: 'Editor del Registro'
- ClassName: '' WindowName: 'Informaci??n del sistema de Microsoft'