Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WBSrv] 'LogOn' = 'StartSys'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WBSrv] 'DllName' = 'C:\Programmi\Stardock\Object Desktop\WindowBlinds\wbsrv.dll'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'DockStation' = 'C:\Programmi\RK Launcher\RKLauncher.exe'
- скрытых файлов
- расширений файлов
- '%WINDIR%\regedit.exe' /S vistacursors.reg
- '%WINDIR%\regedit.exe' /S WindowBlinds.reg
- '%WINDIR%\regedit.exe' /S RKlaunch.reg
- '%WINDIR%\regedit.exe' /S impcart.reg
- '%WINDIR%\regedit.exe' /S nfoCONF.reg
- %TEMP%\RarSFX0\WindowBlinds.reg
- %TEMP%\RarSFX0\impcart.reg
- %TEMP%\RarSFX0\vistacursors.reg
- %TEMP%\RarSFX0\nfoCONF.reg
- %TEMP%\RarSFX0\RKlaunch.reg
- %TEMP%\RarSFX0\vistacursors.reg
- %TEMP%\RarSFX0\WindowBlinds.reg
- %TEMP%\RarSFX0\RKlaunch.reg
- %TEMP%\RarSFX0\impcart.reg
- %TEMP%\RarSFX0\nfoCONF.reg
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''