Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'MicrosoftCtfmon' = 'c:\ctfmonn.exe'
- <SYSTEM32>\cacls.exe "%PROGRAM_FILES%\GbPlugin\*.*" /p %USERNAME%s:n /e
- <SYSTEM32>\cacls.exe "%PROGRAM_FILES%\GbPlugin\*.*" /p Administradores:n /e
- <SYSTEM32>\cacls.exe "%PROGRAM_FILES%\GbPlugin\*.*" /p Administrador:n /e
- <SYSTEM32>\cacls.exe "%PROGRAM_FILES%\GbPlugin\*.*" /p Everyone:n /e
- <SYSTEM32>\cacls.exe "%PROGRAM_FILES%\GbPlugin\*.*" /p Todos:n /e
- <SYSTEM32>\cacls.exe "%PROGRAM_FILES%\GbPlugin\*.*" /p %USERNAME%:n /e
- <SYSTEM32>\cacls.exe "%PROGRAM_FILES%\GbPlugin\*.*" /p Users:n /e
- <SYSTEM32>\cacls.exe "%PROGRAM_FILES%\GbPlugin\*.*" /p SYSTEM:n /e
- <SYSTEM32>\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v MicrosoftCtfmon /t REG_SZ /d "c:\ctfmonn.exe" /f
- <SYSTEM32>\cacls.exe "%PROGRAM_FILES%\GbPlugin\*.*" /p Usuбrio:n /e
- <SYSTEM32>\cacls.exe "%PROGRAM_FILES%\GbPlugin\*.*" /p Usuбrios:n /e
- <SYSTEM32>\cacls.exe "%PROGRAM_FILES%\GbPlugin\*.*" /p User:n /e