Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'SystemFile' = '<SYSTEM32>\Lsas.exe'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{z6B2445-1963-9142-A0DB-DBDB9E15FB9z;] 'StubPath' = 'Lsas.exe AutoRun'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = 'explorer.exe %WINDIR%\inf\Lsass.exe'
- скрытых файлов
- <SYSTEM32>\Lsast.exe
- %WINDIR%\inf\Lsasss.exe
- <SYSTEM32>\Lsast.exe в <SYSTEM32>\Lsas.exe
- %WINDIR%\inf\Lsasss.exe в %WINDIR%\inf\Lsass.exe
- ClassName: 'Edit' WindowName: '(null)'
- ClassName: '#32770' WindowName: 'YLoginWnd'
- ClassName: 'YTopWindow' WindowName: '(null)'
- ClassName: 'Button' WindowName: '&Sign In'
- ClassName: 'YahooBuddyMain' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'Windows Task Manager'
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: 'SysListView32' WindowName: '(null)'
- ClassName: '#32770' WindowName: '(null)'