Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TaskMgr.exe] 'Debugger' = '%PROGRAM_FILES%\Windows Media Player\wmplayer.exe'
- <SYSTEM32>\attrib.exe +h "%HOMEPATH%\my documents\my pictures"
- <SYSTEM32>\attrib.exe +h "%HOMEPATH%\my documents\my videos"
- <SYSTEM32>\net1.exe stop "SDRSVC"
- <SYSTEM32>\net.exe stop "SDRSVC"
- <SYSTEM32>\ping.exe localhost -n 1
- <SYSTEM32>\cmd.exe /c ""%TEMP%\1.tmp\1.bat""
- <SYSTEM32>\attrib.exe +h "%HOMEPATH%\my documents\my music"
- <SYSTEM32>\reg.exe add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TaskMgr.exe" /v "Debugger" /t "REG_SZ" /d "%PROGRAM_FILES%\Windows Media Player\wmplayer.exe" /f
- %TEMP%\1.tmp\1.bat