Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\fltsrv] 'Start' = '00000000'
- [<HKLM>\SYSTEM\ControlSet001\Services\fltsrv] 'ImagePath' = 'System32\DRIVERS\fltsrv.sys'
- %TEMP%\1.tmp\acronis.cmd
- '<SYSTEM32>\reg.exe' ADD HKLM\SYSTEM\ControlSet001\Services\fltsrv /f /v "Group" /T REG_SZ /D "Filter"
- '<SYSTEM32>\reg.exe' ADD HKLM\SYSTEM\ControlSet001\Services\fltsrv /f /v "DisplayName" /T REG_SZ /D "Acronis Storage Filter Management"
- '<SYSTEM32>\reg.exe' ADD HKLM\SYSTEM\ControlSet001\Services\fltsrv /f /v "Start" /T REG_DWORD /D "0"
- '<SYSTEM32>\reg.exe' ADD HKLM\SYSTEM\ControlSet001\Services\fltsrv /f /v "ImagePath" /T REG_SZ /D "System32\DRIVERS\fltsrv.sys"
- '<SYSTEM32>\reg.exe' QUERY HKLM\SYSTEM\ControlSet001\Services\snapman /ve
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\acronis.cmd" <Полный путь к файлу>"
- '<SYSTEM32>\reg.exe' ADD HKLM\SYSTEM\ControlSet001\Services\fltsrv /f /v "ErrorControl" /T REG_DWORD /D "0"
- '<SYSTEM32>\reg.exe' QUERY HKLM\SYSTEM\ControlSet001\Services\fltsrv /ve