Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'ctfmon' = '%WINDIR%\ctfmon.exe'
- '%WINDIR%\ctfmon.exe'
- '%WINDIR%\regedit.exe' /s c:\dat2.reg
- %WINDIR%\vmmreg.dll
- %WINDIR%\ctfmon.exe
- C:\dat2.reg
- %WINDIR%\ctfmon.exe
- %WINDIR%\vmmreg.dll
- C:\dat2.reg
- ClassName: 'RegEdit_RegEdit' WindowName: ''