Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '32' = '\services.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '' = '\csrss.exe'
- скрытых файлов
- <SYSTEM32>\cacls.exe %PROGRAM_FILES%\Accessories\*.* /G Everyone:f
- <SYSTEM32>\cacls.exe %PROGRAM_FILES%\Accessories\Common\*.* /G Everyone:f
- <SYSTEM32>\cacls.exe %PROGRAM_FILES%\Accessories\Common /G Everyone:f
- <SYSTEM32>\cacls.exe %PROGRAM_FILES%\Accessories /G Everyone:f
- <SYSTEM32>\cacls.exe %PROGRAM_FILES%\Accessories\Common\ /G Everyone:f
- %PROGRAM_FILES%\Accessories\Common\desktop.ini
- ClassName: 'MS_WINHELP' WindowName: ''