Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = '<SYSTEM32>\userinit.exe,%WINDIR%\antibanner.bat.exe,'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = 'explorer.exe'
- <SYSTEM32>\reg.exe ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /f /v "Shell" /d "explorer.exe"
- <SYSTEM32>\reg.exe ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /f /v "Userinit" /d "<SYSTEM32>\userinit.exe,%WINDIR%\antibanner.bat.exe,"
- <SYSTEM32>\cmd.exe /c ""%TEMP%\1.tmp\antibanner.bat" "
- <SYSTEM32>\reg.exe ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /f /v "AutoEndTasks" /d "1"
- %TEMP%\1.tmp\antibanner.bat
- %TEMP%\1.tmp\antibanner.bat