Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 'AppInit_DLLs' = ''
- <SYSTEM32>\reg.exe ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" /v LoadAppInit_DLLs /t REG_DWORD /d 1 /f
- <SYSTEM32>\reg.exe ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" /v AppInit_DLLs /t REG_EXPAND_SZ /d <SYSTEM32>\vdtxjye.dll /f
- <SYSTEM32>\cmd.exe /c ""%TEMP%\1.tmp\test.bat" "
- <SYSTEM32>\vdtxjye.dll
- %TEMP%\1.tmp\wcalfkj.dll
- %TEMP%\1.tmp\test.bat