Техническая информация
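Блокирует запуск следующих системных утилит (через значения политик disabletaskmgr и disableregistrytools в HKCU, см. команды reg.exe ниже):
- Диспетчера задач (Taskmgr)
- Редактора реестра (RegEdit)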
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoStartMenuPinnedList' = '00000001'
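- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoViewOnDrive' = '03FFFFFF' (битовая маска: 0x03FFFFFF = 67108863, установлены все 26 бит, то есть доступ через Проводник закрыт ко всем дискам A–Z; то же значение в десятичном виде передаётся в команде reg.exe ниже)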
- %TEMP%\temp2.vbs
- %TEMP%\temp.vbs
- <SYSTEM32>\bat.bat
- %TEMP%\temp1.vbs
- '<SYSTEM32>\reg.exe' add "hkcu\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v disabletaskmgr /t REG_DWORD /d 1 /f
- '<SYSTEM32>\reg.exe' add "hkcu\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v disableregistrytools /t REG_DWORD /d 1 /f
- '<SYSTEM32>\reg.exe' add "hkcu\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoStartMenuPinnedList /t REG_DWORD /d 1 /f
- '<SYSTEM32>\cmd.exe' /c <SYSTEM32>\bat.bat
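- '<SYSTEM32>\reg.exe' add HKEY_USERS\S-1-5-21-343818398-1417001333-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v nodesktop /d 1 /freg add HKEY_USERS\S-1-5-21-343818398-1417001333-7253... (строка в отчёте обрезана; после «/f», по-видимому, без разделителя начинается следующая команда reg add. SID в пути, вероятно, относится к учётной записи среды анализа и на других системах будет другим, поэтому для поиска лучше опираться на путь ...\Policies\Explorer и имя значения nodesktop, а не на точное совпадение всей строки)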
- '<SYSTEM32>\reg.exe' add "hkcu\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoViewOnDrive /t REG_DWORD /d 67108863 /f