Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{389623AB-8888-22d2-9CBD-0000F87A469H}] 'StubPath' = '%CommonProgramFiles%\Microsoft Shared\MSInfo\svchost.exe'
- %WINDIR%\regedit.exe /S "%CommonProgramFiles%\1.reg"
- ClassName: 'PROCMON_WINDOW_CLASS' WindowName: ''
- ClassName: 'RegMonClass' WindowName: ''
- ClassName: 'FileMonClass' WindowName: ''
- %CommonProgramFiles%\1.reg
- %CommonProgramFiles%\Microsoft Shared\MSInfo\svchost.exe
- %CommonProgramFiles%\Microsoft Shared\MSInfo\svchost.exe
- %CommonProgramFiles%\1.reg
- ClassName: 'RegEdit_RegEdit' WindowName: ''