Техническая информация
- [<HKCU>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = '%APPDATA%\Sdat.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'userini' = '%APPDATA%\Sdat.exe'
- %WINDIR%\explorer.exe
- %APPDATA%\sdat.exe
- ClassName: 'Progman' WindowName: ''
- ClassName: 'ÏðîâîäГГЁГЄ' WindowName: ''
- ClassName: 'explorer.exe ' WindowName: ''
- ClassName: '' WindowName: 'Ðåäà êòîð ðååñòðà '
- ClassName: '' WindowName: 'Íà ñòðîéêà ñèñòåìû'
- ClassName: '' WindowName: 'Äèñïåò÷åð çà äà ÷ Windows'
- ClassName: '' WindowName: 'Ðà áî÷èé ñòîë'
- ClassName: '' WindowName: 'ГЏГіГ±ГЄ'
- ClassName: '' WindowName: 'ÂûïîëГГЁГІГј'
- '%APPDATA%\sdat.exe'