Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] 'KM_Path' = ''
- Компонент восстановления системы (SR)
- %WINDIR%\regedit.exe /s "<SYSTEM32>\tmp"
- %WINDIR%\regedit.exe /s /e "<SYSTEM32>\tmp" "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\Minimal"
- <SYSTEM32>\rundll32.exe user32.dll,UpdatePerUserSystemParameters
- %WINDIR%\regedit.exe /s /e "<SYSTEM32>\tmp" "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\NetWork"
- <SYSTEM32>\tmp
- <SYSTEM32>\tmp
- 'sm##.gmail.com':465
- 'www.ms#.com':80
- DNS ASK sm##.gmail.com
- DNS ASK www.ms#.com
- ClassName: 'RegEdit_RegEdit' WindowName: ''