Техническая информация
- Средство контроля пользовательских учетных записей (UAC)
- 'C:\ProgramData\WAU\XML.exe'
- '%TEMP%\data\SDK.exe' -p789789 -dC:\ProgramData\WAU
- '%TEMP%\data\INT.exe'
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\4.tmp\5.bat" C:\ProgramData\WAU\XML.exe"
- '<SYSTEM32>\schtasks.exe' /Create /XML C:\ProgramData\WAU\UpdateSequence.xml /TN UpdateSequence
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\2.bat" %TEMP%\data\INT.exe"
- '<SYSTEM32>\reg.exe' add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f
- C:\ProgramData\WAU\NTK.exe
- C:\ProgramData\WAU\lock.exe
- C:\ProgramData\WAU\unlock.exe
- %TEMP%\4.tmp\5.bat
- C:\ProgramData\WAU\XML.exe
- %TEMP%\data\SDK.exe
- %TEMP%\data\INT.exe
- %TEMP%\data\adw.exe
- C:\ProgramData\WAU\UpdateSequence.xml
- %TEMP%\1.tmp\2.bat
- %TEMP%\4.tmp\5.bat
- ClassName: 'EDIT' WindowName: ''