Техническая информация
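- Запись автозапуска (ключ Run текущего пользователя): [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'regsvr.exe' = '<SYSTEM32>\regsvr.exe sysdir'. Имя regsvr.exe похоже на имя штатной утилиты Windows regsvr32.exe, но не совпадает с ним, поэтому при проверке автозапуска их важно не спутать.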
- <SYSTEM32>\regsvr.exe sysdir
- <SYSTEM32>\svchost.exe -k imgsvc
- <SYSTEM32>\mspaint.exe
- <SYSTEM32>\rundll32.exe <SYSTEM32>\shimgvw.dll,ImageView_Fullscreen <Текущая директория>\Shadmehr%203.jpg
- [<HKCU>\Software\yahoo\pager]
- %HOMEPATH%\Recent\Shadmehr%203.lnk
- %HOMEPATH%\Recent\af32d3b0.lnk
- <SYSTEM32>\regsvr.exe
- <Текущая директория>\Shadmehr%203.jpg
Окна, перечисленные в отчёте (класс окна и заголовок):
- ClassName: '' WindowName: 'Windows Task Manager'
- ClassName: 'YahooBuddyMain' WindowName: ''
- ClassName: 'SysListView32' WindowName: ''
- ClassName: '#32770' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'ShImgVw:CPreviewWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''