Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'RedSHDrv' = '"%APPDATA%\Roaming\dQSKw.exe"'
- '<SYSTEM32>\bcdedit.exe' /set {default} bootstatuspolicy ignoreallfailures
- '<SYSTEM32>\bcdedit.exe' /set {bootmgr} displaybootmenu no
- %APPDATA%\Roaming\clientparams.hdd
- %APPDATA%\Roaming\dQSKw.exe
- ClassName: 'Indicator' WindowName: '(null)'