Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SysLoad] 'Logon' = 'WinLogonEvent'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SysLoad] 'DllName' = 'libsysinfo.dll'
- '<SYSTEM32>\sysload.exe'
- <SYSTEM32>\sysinit.exe
- <SYSTEM32>\sysload.exe
- <SYSTEM32>\info.dat