Техническая информация
- <SYSTEM32>\taskkill.exe /im mmc.exe /f
- <SYSTEM32>\mmc.exe "<SYSTEM32>\gpedit.msc"
- <SYSTEM32>\cmd.exe /c ""%PROGRAM_FILES%\sys.bat" "
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\{2FA225BD-D67D-4401-B67B-C43067B04917}User\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments] 'SaveZoneInformation' = '00000001'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\{2FA225BD-D67D-4401-B67B-C43067B04917}User\Software\Microsoft\Windows\CurrentVersion\Policies\Associations] 'LowRiskFileTypes' = '*.bat'
- %PROGRAM_FILES%\sys.bat
- %CommonProgramFiles%\AsSysCtrlSrvcIns.tmp
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: '' WindowName: ''