Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KeyTool.exe] 'Debugger' = '"<SYSTEM32>\wins.exe" /locked:KeyTool.exe'
- %WINDIR%\regedit.exe -s "%APPDATA%\2.reg"
- <SYSTEM32>\wins.$$A
- <SYSTEM32>\wins.exe.$$A
- %APPDATA%\2.$$A
- <SYSTEM32>\config.$$A
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'InstItClass' WindowName: ''