Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = '<SYSTEM32>\userinit.exe,'
- [<HKLM>\SOFTWARE\Classes\.bat] '' = 'batfile'
- [<HKLM>\SOFTWARE\Classes\.cmd] '' = 'cmdfile'
- '<SYSTEM32>\taskkill.exe' /F /IM Iexplorer.exe
- %TEMP%\Loikaw Virus Removal.vbs
- ClassName: '' WindowName: ''
- '<SYSTEM32>\wscript.exe' "%TEMP%\Loikaw Virus Removal.vbs"
- '<SYSTEM32>\reg.exe' Delete HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /f