Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'SystemFile' = 'syctask.exe'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{z6B2445-1963-9142-A0DB-DBDB9E15FB9z;] 'StubPath' = 'systask.exe AutoRun'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = 'explorer.exe servics.exe'
- скрытых файлов
- %WINDIR%\Lsast.exe
- <SYSTEM32>\Lsasss.exe
- %TEMP%\bndFile
- ClassName: 'SysListView32' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: '' WindowName: 'Windows Task Manager'
- ClassName: '#32770' WindowName: ''