Техническая информация
Автозапуск — параметры реестра и файл в папке автозагрузки:
- [<HKLM>\SYSTEM\ControlSet001\Control\Session Manager] 'BootExecute' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '' = 'C:\\Nvidia.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'avg' = 'C:\Arquivos de programas\avg.exe'
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\avg.exe
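Запускаемые команды — остановка и отключение служб wscsvc (Центр обеспечения безопасности Windows) и Alerter, запись helpwin в параметр BootExecute. Содержимое BootExecute диспетчер сеансов запускает при загрузке системы; штатное значение — autocheck autochk *, поэтому любое другое значение стоит проверять:
- '<SYSTEM32>\sc.exe' stop wscsvc
- '<SYSTEM32>\sc.exe' config wscsvc start= disabled
- '<SYSTEM32>\sc.exe' config Alerter start= disabled
- '<SYSTEM32>\reg.exe' ADD "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager" /v "BootExecute" /d helpwin /t "REG_MULTI_SZ" /f
- '<SYSTEM32>\sc.exe' stop Alerter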
Файлы (страница не уточняет, создаются они или изменяются):
- %WINDIR%\Help2k\helpwin.RRI
- %WINDIR%\Help2k\helpwin.exe
- C:\Nvidia.exe
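Сетевая активность — подключение по порту 80, HTTP-запрос и DNS-запрос. Часть имени узла скрыта символами #, поэтому как точный индикатор оно не годится:
- 'mu#####nfect.idoo.com':80
- mu#####nfect.idoo.com/val.php
- DNS ASK mu#####nfect.idoo.com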
Окна — класс и заголовок (действие над ними на странице не указано):
- ClassName: 'TabWindowClass' WindowName: ''
- ClassName: 'Internet Explorer_Server' WindowName: ''
- ClassName: 'Shell DocObject View' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'NDDEAgnt' WindowName: 'NetDDE Agent'