Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'User Profile services' = '"%PROGRAM_FILES%\kp\windowsclock.exe" /r'
- C:\ProgramData\kp\data.kdb
- C:\Users\All Users\kp\data.kdb
- C:\Users\%USERNAME%\AppData\Local\VirtualStore\ProgramData\kp\data.kdb
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- %PROGRAM_FILES%\kp\windowsclock.exe
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- ClassName: 'Shell_TrayWnd' WindowName: ''