Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = 'Explorer.exe, imeset.exe'
- %WINDIR%\imeset.exe
- %TEMP%\~tenctm.tmpt
- %APPDATA%\IME\ime32.dll
- %TEMP%\~tenctm.tmp
- %TEMP%\2nd.dat
- %APPDATA%\IME\hanja\2rd8-ES.dat
- %TEMP%\~tenctm.tmp
- %TEMP%\~tenctm.tmpt
- %TEMP%\2nd.dat
- %TEMP%\2nd.dat.tmp