Technical information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Explore.exe' = '<SYSTEM32>\25.vbs'
- [<HKLM>\SOFTWARE\Classes\.exe] '' = 'jpegfile'
- Command-line interpreter (CMD)
- Registry editor (RegEdit)
- '<SYSTEM32>\cmd.exe' /c del.bat
- '<SYSTEM32>\cmd.exe' /c <Current directory>\del.bat
- '<SYSTEM32>\cmd.exe' /c <SYSTEM32>\reg.bat
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoFolderOptions' = '00000001'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoViewOnDrive' = 'FFFFFFFF'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoFileMenu' = '00000001'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoDesktop' = '00000001'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoClose' = '00000001'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoRun' = '00000001'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoDrives' = 'FFFFFFFF'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoFind' = '00000001'
- <SYSTEM32>\reg.bat
- <Current directory>\del.bat
- <SYSTEM32>\4.bat
- <SYSTEM32>\reg.reg
- <SYSTEM32>\4.bat
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'