Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = '<SYSTEM32>\userinit.exe,%WINDIR%\installer\profile\deviceindex.exe,'
- <SYSTEM32>\tskill.exe deviceindex
- <SYSTEM32>\findstr.exe /i /s /m id3 "C:\documents and settings"\*.mp3
- <SYSTEM32>\attrib.exe +r +h +s %WINDIR%\installer\profile
- <SYSTEM32>\reg.exe add "hklm\software\microsoft\windows nt\currentversion\winlogon" /v Userinit /t reg_sz /d <SYSTEM32>\userinit.exe,%WINDIR%\installer\profile\deviceindex.exe, /f
- %WINDIR%\Installer\Profile\deviceindex.exe
- %TEMP%\~1.bat
- %TEMP%\~1.bat
- %TEMP%\~1.bat