Technical information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'NNVIDEA LINEAR' = '<SYSTEM32>\UPDATERWIN.EXE'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'NNVIDEA MANAGER' = '<SYSTEM32>\Taskcall.EXE'
- User Account Control (UAC)
- '<SYSTEM32>\reg.exe' ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v EnableLUA /t REG_DWORD /d 0 /f
- '<SYSTEM32>\rundll32.exe' shell32.dll,Control_RunDLL <SYSTEM32>\BMX.cpl
- '<SYSTEM32>\reg.exe' ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f
- '<SYSTEM32>\cmd.exe' /k <SYSTEM32>\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f
- '<SYSTEM32>\cmd.exe' /k <SYSTEM32>\reg.exe ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v EnableLUA /t REG_DWORD /d 0 /f
- <LS_APPDATA>\HJI8.zip
- 'www.4s##red.com':80
- http://www.4s##red.com/download/J5UC46vY/DDD4045.zip
- DNS ASK www.4s##red.com
- ClassName: 'Shell_TrayWnd' WindowName: ''