Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\cleanmgr] 'Start' = '00000002'
- <SYSTEM32>\cleanmgr.exe -service
- C:\RECYCLER\S-1-5-18\desktop.ini
- C:\RECYCLER\S-1-5-18\INFO2
- <SYSTEM32>\Reverse.dll
- <SYSTEM32>\GetPass_eph.dll
- C:\RECYCLER\S-1-5-18\desktop.ini