Техническая информация
- '<SYSTEM32>\attrib.exe' +s +h %WINDIR%\Prefetch\secscan.exe
- '<SYSTEM32>\attrib.exe' +s +h %WINDIR%\security\WINSec.exe
- '<SYSTEM32>\secedit.exe' /configure /db %WINDIR%\db.sdb
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\start.bat" "
- '<SYSTEM32>\ping.exe' 127.0.0.1
- %WINDIR%\security\tmp.edb
- %WINDIR%\security\edb.log
- %WINDIR%\security\logs\scesrv.log
- %WINDIR%\security\edb.chk
- %WINDIR%\security\res1.log
- %WINDIR%\start.bat
- %WINDIR%\db.sdb
- %WINDIR%\security\res2.log
- %WINDIR%\security\edbtmp.log
- %WINDIR%\db.sdb
- %WINDIR%\security\edbtmp.log в %WINDIR%\security\edb.log
- %WINDIR%\security\edbtmp.log
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''