Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{10029805-A707-22d2-9CBD-0000F87A469H}] 'StubPath' = '%CommonProgramFiles%\Microsoft Shared\bbs\bbs\bbs.exe'
- '%WINDIR%\regedit.exe' /S "D:\1.reg"
- '<SYSTEM32>\cacls.exe' "%CommonProgramFiles%\Microsoft Shared\bbs" /d everyone /e
- '<SYSTEM32>\cacls.exe' "%CommonProgramFiles%\Microsoft Shared\bbs\bbs /d everyone /e
- '%ProgramFiles%\forumdisp.exe'
- '<SYSTEM32>\cmd.exe' /c "%CommonProgramFiles%\Microsoft Shared\MSInfo\ntfs.bat"
- %CommonProgramFiles%\Microsoft Shared\MSInfo\kkk.txt
- %CommonProgramFiles%\Microsoft Shared\MSInfo\IEFILES5.INI
- %CommonProgramFiles%\Microsoft Shared\MSInfo\ntfs.bat
- %CommonProgramFiles%\Microsoft Shared\MSInfo\xinzhu.txt
- %ProgramFiles%\forumdisp.exe
- %CommonProgramFiles%\a2.txt
- %CommonProgramFiles%\Microsoft Shared\bbs\bbs\bbs.exe
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''