Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'FakeUp' = '%WINDIR%\gamer.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Skype' = '%WINDIR%\userint.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'Load' = '%WINDIR%\userint.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = 'exploer.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'userinit' = 'userint.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Gamer @mail.ru' = '%WINDIR%\gamer.exe'
- <SYSTEM32>\reg.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "FakeUp" /t REG_SZ /d %WINDIR%\gamer.exe /f
- <SYSTEM32>\reg.exe add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" /v Skype /t REG_SZ /d "%WINDIR%\userint.exe" /f
- <SYSTEM32>\reg.exe add "HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows" /v Load /t reg_sz /d "%WINDIR%\userint.exe" /f
- <SYSTEM32>\reg.exe ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell /t REG_SZ /d "exploer.exe" /f
- <SYSTEM32>\reg.exe add "HKEY_local_machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v userinit /t reg_sz /d "userint.exe" /f
- <SYSTEM32>\reg.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Gamer @mail.ru" /t REG_SZ /d %WINDIR%\gamer.exe /f
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'Indicator' WindowName: ''