Техническая информация
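- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'MicrosoftWindows' = '%HOMEPATH%\start.exe' (параметр в ключе автозапуска Run текущего пользователя: указанный файл start.exe запускается при каждом входе этого пользователя в систему)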
- <SYSTEM32>\systeminfo.exe
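- <SYSTEM32>\attrib.exe +S +H "%HOMEPATH%\winmod"
- <SYSTEM32>\attrib.exe +S +H "%HOMEPATH%\WinDir" (ключи +S +H устанавливают атрибуты «системный» и «скрытый»: при настройках по умолчанию каталоги winmod и WinDir не отображаются в Проводнике)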
- %WINDIR%\Explorer.EXE
- %HOMEPATH%\WinDir\sys\lst
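- %TEMP%\ntdll.dll:alt1
- %TEMP%\ntdll.dll:alt0 (запись вида «файл:имя» обозначает альтернативный поток данных NTFS; такие потоки не видны в обычном списке файлов, их показывает, например, dir /R; сам файл носит имя системной библиотеки ntdll.dll, но расположен в %TEMP%, а не в <SYSTEM32>)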
- ClassName: 'Indicator' WindowName: ''