Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = '<SYSTEM32>\userinit.exe,%WINDIR%\services.exe'
- скрытых файлов
- <SYSTEM32>\folder.htt
- ClassName: 'ThunderRT6FormDC' WindowName: ''
- ClassName: 'notepad' WindowName: ''
- ClassName: '' WindowName: '<SYSTEM32>\cmd.exe'
- ClassName: '' WindowName: 'Folder Options'
- ClassName: '' WindowName: '<SYSTEM32>\command.com'
- ClassName: 'CabinetWClass' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'regedit_regedit' WindowName: ''
- ClassName: '' WindowName: 'System Configuration Utility'
- ClassName: '' WindowName: 'Windows Task Manager'