Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '' = '<SYSTEM32>\KERNEL32.EXE'
- [<HKLM>\SOFTWARE\Classes\txtfile\shell\open\command] '' = '<SYSTEM32>\SYSEXPLR.EXE %1'
- [<HKLM>\SOFTWARE\Classes\exefile\shell\open\command] '' = '"%1" %*'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] '' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] '' = '<SYSTEM32>\KERNEL32.EXE'
- '<SYSTEM32>\KERNEL32.EXE'
- '%WINDIR%\Temp\G_Server.exe'
- <SYSTEM32>\KERNEL32.EXE
- <SYSTEM32>\SYSEXPLR.EXE
- %TEMP%\File100.tmp
- %WINDIR%\Temp\G_Server.exe
- %WINDIR%\Temp\梦三国.jpg
- <SYSTEM32>\SYSEXPLR.EXE
- <SYSTEM32>\KERNEL32.EXE
- %TEMP%\File100.tmp
- ClassName: '' WindowName: 'Windows ??'
- ClassName: '' WindowName: 'Windows '
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''