Техническая информация
- [<HKLM>\SOFTWARE\Classes\MSProgramGroup\Shell\Open\Command] '' = '<SYSTEM32>\grpconv.exe %1'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'GrpConv' = 'grpconv -o'
- [<HKLM>\SYSTEM\ControlSet001\Services\WinDBdrv] 'Start' = '00000001'
- '<SYSTEM32>\DBService.exe' hiddenlistUpdate
- '<Текущая директория>\DBPrompt.exe'
- '<SYSTEM32>\grpconv.exe' -o
- '<SYSTEM32>\runonce.exe' -r
- '<SYSTEM32>\rundll32.exe' setupapi,InstallHinfSection DefaultInstall 132 <SYSTEM32>\\DeviceBlockdrv.inf
- %TEMP%\MBX@B38@3A3258.###
- %WINDIR%\ptservice.exe
- <Текущая директория>\DBPrompt.exe
- %ALLUSERSPROFILE%\Application Data\USB Block\systemDB.$dk
- %ALLUSERSPROFILE%\Application Data\USB Block\win_hidelist.dat
- %TEMP%\MBX@B38@3A3248.###
- <SYSTEM32>\DBService.exe
- %ALLUSERSPROFILE%\Application Data\USB Block\win_setting_sys.dat
- <Текущая директория>\DBLAYER.DLL
- <Текущая директория>\HTMLAYOUT.DLL
- <SYSTEM32>\WinDBdrv.sys
- <SYSTEM32>\DeviceBlockdrv.inf
- %ALLUSERSPROFILE%\Application Data\USB Block\win_db_dflt.dat
- ClassName: 'Shell_TrayWnd' WindowName: ''