Техническая информация
- скрытых файлов
- [<HKCU>\Software\Microsoft\Internet Explorer\Download] 'CheckExeSignatures' = 'no'
- [<HKCU>\Software\Microsoft\Internet Explorer\Download] 'RunInvalidSignatures' = '00000001'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments] 'SaveZoneInformation' = '00000001'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Associations] 'LowRiskFileTypes' = '.exe;.dat'
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Download] 'CheckExeSignatures' = 'no'
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Download] 'RunInvalidSignatures' = '00000001'
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Attachments] 'SaveZoneInformation' = '00000001'
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Associations] 'LowRiskFileTypes' = '.exe;.dat'
- '%WINDIR%\syswow64\shutdown.exe' /r /t 0' (со скрытым окном)
- '%WINDIR%\syswow64\shutdown.exe' /r /t 0