Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Filel' = '<SYSTEM32>\explorerr.exe'
- <SYSTEM32>\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoControlPanel /t REG_DWORD /d 1 /f
- <SYSTEM32>\reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Filel" /t REG_SZ /d "<SYSTEM32>\explorerr.exe" /f
- <SYSTEM32>\msg.exe * prodaL DUSHU ZA CHITIT!!!!!!
- <SYSTEM32>\taskkill.exe /f /im explorer.exe
- <SYSTEM32>\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoDesktop /t REG_DWORD /d 1 /f
- <SYSTEM32>\cmd.exe /c ""%TEMP%\1.tmp\NEWbxAIM.BAT" "
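- <SYSTEM32>\reg.exe add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem /v DisableTaskMgr /t REG_DWORD /d 1 /f (командная строка приведена в том виде, в каком она зафиксирована, — без обратных косых черт в пути к разделу; при поиске по журналам запуска процессов следует сопоставлять именно эту строку. Параметр DisableTaskMgr среди изменённых значений реестра на этой странице не указан.)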
- <SYSTEM32>\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun /v 1 /t REG_DWORD /d %WINDIR%\explorer.exe /f
- %WINDIR%\Explorer.EXE
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoControlPanel' = '00000001'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoDesktop' = '00000001'
- <SYSTEM32>\explorerr.exe
- %TEMP%\1.tmp\NEWbxAIM.BAT
- ClassName: '' WindowName: ''