Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] 'windows update' = '<SYSTEM32>\updater.exe'
- [<HKLM>\SOFTWARE\Classes\txtfile\shell\open\command] '' = '<SYSTEM32>\SYSNOT.EXE %1'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = 'Explorer.exe <SYSTEM32>\systary.exe'
- <SYSTEM32>\updater.exe
- <SYSTEM32>\updater.exe
- <SYSTEM32>\sysnot.exe
- <SYSTEM32>\SYSTARY.EXE
- <SYSTEM32>\sysnot.exe
- <SYSTEM32>\SYSTARY.EXE
- ClassName: 'Button' WindowName: '??????(&S)'
- ClassName: 'RICHEDIT' WindowName: ''
- ClassName: 'Button' WindowName: '????(&S)'
- ClassName: 'AfxWnd42' WindowName: ''
- ClassName: 'RavMonClass' WindowName: 'RavMon.exe'
- ClassName: 'W*H*B*O*Y' WindowName: 'Xleo'
- ClassName: 'TFrmMain' WindowName: '??????????'
- ClassName: 'Tapplication' WindowName: '????????????????'