Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoRecentDocsMenu' = '00000001'
- <SYSTEM32>\pnyv4wnpl\2.reg
- <SYSTEM32>\pnyv4wnpl\3.reg
- <SYSTEM32>\pnyv4wnpl\9.reg
- <SYSTEM32>\pnyv4wnpl\99.exe
- %WINDIR%\Temp\a00370.bat
- <SYSTEM32>\pnyv4wnpl\9.reg
- %WINDIR%\Temp\a00370.bat
- ClassName: 'EDIT' WindowName: ''
- '<SYSTEM32>\pnyv4wnpl\99.exe'
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\Temp\a00370.bat" "<SYSTEM32>\pnyv4wnpl\99.exe" "
- '<SYSTEM32>\mode.com' 69,20
- '<SYSTEM32>\reg.exe' import 9.reg
- '<SYSTEM32>\reg.exe' import 2.reg
- '<SYSTEM32>\reg.exe' import 3.reg