Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = 'explorer.exe, %windir%/SYS/svchost.exe, %windir%/SYS/WindowsServices.exe'
- Средство контроля пользовательских учетных записей (UAC)
- %WINDIR%\SYS\start.exe
- %WINDIR%\SYS\takmgr.exe
- %WINDIR%\SYS\svchost.exe
- %WINDIR%\SYS\start.exe
- %WINDIR%\SYS\taskkill.exe
- %WINDIR%\SYS\WindowsServices.exe
- %WINDIR%\SYS\wave.mp3
- %WINDIR%\SYS\wallpaper.bmp
- %WINDIR%\SYS\Shell.reg
- %WINDIR%\SYS\DisableUAC.reg
- %WINDIR%\SYS\devcon.exe
- %WINDIR%\SYS\cssrss.exe
- %WINDIR%\SYS\msgbox1.exe
- %WINDIR%\SYS\Remove.exe
- %WINDIR%\SYS\reged.exe
- %WINDIR%\SYS\msgbox2.exe
- %WINDIR%\SYS\takmgr.exe
- %WINDIR%\SYS\svchost.exe
- %WINDIR%\SYS\start.exe
- %WINDIR%\SYS\taskkill.exe
- %WINDIR%\SYS\WindowsServices.exe
- %WINDIR%\SYS\wave.mp3
- %WINDIR%\SYS\wallpaper.bmp
- %WINDIR%\SYS\DisableUAC.reg
- %WINDIR%\SYS\devcon.exe
- %WINDIR%\SYS\cssrss.exe
- %WINDIR%\SYS\msgbox1.exe
- %WINDIR%\SYS\Shell.reg
- %WINDIR%\SYS\reged.exe
- %WINDIR%\SYS\msgbox2.exe
- ClassName: 'WMPlayerApp' WindowName: ''
- ClassName: 'WMP9DeskBand' WindowName: 'WMP9DeskBand'
- ClassName: 'Type32_Main_Window' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'ReBarWindow32' WindowName: ''
- ClassName: 'ConsoleWindowClass' WindowName: ''