Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'winprotect' = '%WINDIR%\winprotect.exe'
- '<SYSTEM32>\reg.exe' ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations /v LowRiskFileTypes /d .exe; /f
- '<SYSTEM32>\reg.exe' ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v winprotect /d %WINDIR%\winprotect.exe /f
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Associations] 'LowRiskFileTypes' = '.exe;'
- %WINDIR%\winprotect.exe