Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'FA' = '%ALLUSERSPROFILE%\Documents\fa.exe'
- <SYSTEM32>\userinit.exe файлом <SYSTEM32>\userinit.exe
- <SYSTEM32>\logonui.exe /status /shutdown
- <SYSTEM32>\userinit.exe
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'StatusWindowClass' WindowName: ''
- ClassName: 'Tfreeantivirus_3dn_ruB' WindowName: ' http://freeantivirus.3dn.ru/'
- ClassName: 'Shell_TrayWnd' WindowName: ''