Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] '*Boot Service Utility' = '<LS_APPDATA>\temp\WINDOWS\TEMPARCHIVE\ucsvc.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = 'explorer.exe,<LS_APPDATA>\temp\WINDOWS\TEMPARCHIVE\taskeng.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'Load' = '<LS_APPDATA>\temp\WorkspaceRuntime\wksprt.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Associations] 'LowRiskFileTypes' = '.avi;.bat;.com;.cmd;.exe;.htm;.html;.lnk;.mpg;.mpeg;.mov;.mp3;.msi;.m3u;.rar;.reg;.txt;.vbs;.wav;.zip;'
- [<HKCU>\Software\Microsoft\Internet Explorer\Download] 'CheckExeSignatures' = 'no'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments] 'SaveZoneInformation' = '00000001'
- ClassName: 'Shell_TrayWnd' WindowName: ''