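Техническая информация
(Заголовки подразделов в этом фрагменте не сохранились: ниже без разделения перечислены пути к файлам и запущенные командные строки, поэтому по самому списку нельзя определить, был ли файл создан, изменён или удалён. Повторяющиеся строки, вероятно, относились к разным подразделам. Значение параметра /d в команде reg.exe для SdInfo обрезано многоточием и приведено не полностью.)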
- %WINDIR%\win.ini
- '<SYSTEM32>\reg.exe' add HKLM\SOFTWARE\Microsoft\Cryptography\RNG4 /v SdInfo /t REG_BINARY /d 66006300630062007e0065006400600067007e006a006500600060007e0062006000610061007e0066006b00600061007e0064006300660065000600...
- '<SYSTEM32>\cmd.exe' /c if exist "<Текущая директория>\..\..\User.Config\Eng" move /y Eng\*.exe
- '<SYSTEM32>\cmd.exe' /c rd /q/s Eng
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\2k10\UDefrag\Eng\set.cmd" "
- '<SYSTEM32>\find.exe' /i /c "[Udbded]" "%WINDIR%\win.ini"
- '<SYSTEM32>\reg.exe' add HKLM\SOFTWARE\Microsoft\Cryptography\RNG4 /v SdHash /t REG_DWORD /d 2441068552 /f
- %TEMP%\2k10\UDefrag\UltimateDefrag.exe
- %TEMP%\2k10\UDefrag\Eng\UltimateDefrag.exe
- %TEMP%\2k10\UDefrag\TFU.db
- %TEMP%\2k10\UDefrag\Eng\set.cmd
- %TEMP%\2k10\UDefrag\UltimateDefrag.xml
- %TEMP%\2k10\UDefrag\Eng\UltimateDefrag.exe
- %TEMP%\2k10\UDefrag\Eng\set.cmd