Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = '<SYSTEM32>\userinit.exe,rundll32.exe <SYSTEM32>\winsys16_flag_verflag_ver.dll start'
- '<SYSTEM32>\cmd.exe' /c c:\myDelm.bat
- ClassName: 'AVP.Product_Notification' WindowName: 'Kaspersky Anti-Virus: ????'
- ClassName: 'AVP.TrafficMonConnectionTerm' WindowName: '??????????????????'
- ClassName: 'AVP.TrafficMonConnectionTerm' WindowName: '(null)'
- ClassName: 'AVP.AlertDialog' WindowName: '???????? ????'
- ClassName: 'AVP.AlertDialog' WindowName: '(null)'
- ClassName: 'AVP.Product_Notification' WindowName: '(null)'
- <SYSTEM32>\scrsys16_flag_verflag_ver.scr
- <SYSTEM32>\winsys16_flag_verflag_ver.dll
- C:\myDelm.bat
- <SYSTEM32>\winsys32_flag_verflag_ver.dll
- %WINDIR%\mywinsys.ini
- <SYSTEM32>\AlxResflag_verflag_ver.exe
- <SYSTEM32>\scrsysflag_verflag_ver.scr
- <SYSTEM32>\scrsys16_flag_verflag_ver.scr
- <SYSTEM32>\winsys16_flag_verflag_ver.dll
- <SYSTEM32>\winsys32_flag_verflag_ver.dll
- <SYSTEM32>\AlxResflag_verflag_ver.exe
- <SYSTEM32>\scrsysflag_verflag_ver.scr
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: '#32770' WindowName: 'IE ????????'
- ClassName: '#32770' WindowName: '??????????????????'
- ClassName: '#32770' WindowName: '???????????????????? - IE??????'
- ClassName: '#32770' WindowName: 'IE????????'