Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'HotKey Features' = '%APPDATA%\Microsoft\HotKeys\hkcmd.exe'
- '%APPDATA%\Microsoft\MMC\secpol.exe'
- '%APPDATA%\Microsoft\HotKeys\hkcmd.exe'
- '<SYSTEM32>\rundll32.exe' shell32.dll,ShellExec_RunDLL %APPDATA%\Microsoft\MMC\secpol.exe
- '<SYSTEM32>\rundll32.exe' shell32.dll,ShellExec_RunDLL %APPDATA%\Microsoft\HotKeys\hkcmd.exe
- %APPDATA%\Microsoft\Credentials\hkhosts.bin
- %APPDATA%\Microsoft\SystemCertificates\hklcert.cer
- %APPDATA%\Microsoft\SystemCertificates\hktcert.cer
- %APPDATA%\Microsoft\HotKeys\hkcmd.exe
- %APPDATA%\Microsoft\MMC\secpol.exe
- '82.##5.58.249':80
- ClassName: 'Indicator' WindowName: '(null)'