Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Control\Session Manager] 'BootExecute' = ''
- [<HKLM>\SYSTEM\ControlSet001\Services\sndisk] 'Start' = '00000000'
- %PROGRAM_FILES%\HintSoft\Recover\RecoverSetup.exe /INSTALL /SAFE:def /PWD:norikozlwb /RBOOT
- <SYSTEM32>\logonui.exe /status /shutdown
- <SYSTEM32>\cmd.exe /c ""%PROGRAM_FILES%\HintSoft\Recover\install.bat" "
- %PROGRAM_FILES%\HintSoft\Recover\sndisk.sys
- C:\Protect.sys
- <DRIVERS>\sndisk.sys
- %PROGRAM_FILES%\HintSoft\Recover\install.bat
- %PROGRAM_FILES%\HintSoft\Recover\Init.dll
- %PROGRAM_FILES%\HintSoft\Recover\RecoverSetup.exe
- ClassName: 'StatusWindowClass' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''