Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'DR_HIDE' = '%WINDIR%\MFPTBULK\DR_HIDE'
- %WINDIR%\MFPTBULK\DR_HIDE.EXE
- <SYSTEM32>\rundll32.exe shell32.dll,Control_RunDLL sysdm.cpl,,2
- %WINDIR%\MFPTBULK\DR_HIDE.EXE
- <Текущая директория>\DR_HIDE.EXE
- <Текущая директория>\DR_HIDE.EXE
- %WINDIR%\inf\usbstor.PNF в %WINDIR%\inf\usbstor.pbk
- %WINDIR%\inf\usbstor.inf в %WINDIR%\inf\usbstor.ibk
- ClassName: 'USBEST_DRHide_Class' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''