Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = 'Explorer.exe %WINDIR%\inf\syspach.com'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'NOD32' = '%HOMEPATH%\Local Settings\lsass.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\Dos.pif
- Редактора реестра (RegEdit)
- [<HKCU>\SOFTWARE\Yahoo\Pager]
- %HOMEPATH%\Local Settings\lsass.exe
- %WINDIR%\inf\syspach.com
- %WINDIR%\Help\CMDDLGNT.CHI
- %TEMP%\~DFC1E.tmp