Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\UxSms] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Themes] 'Start' = '00000002'
- '%WINDIR%\syswow64\net.exe' stop uxsms
- C:\aeroìøð§.bat
- <Текущая директория>\hx.dll
- '21#.#4.104.161':47
- '%WINDIR%\syswow64\cmd.exe' /c C:\AEROГЊГГђВ§.bat' (со скрытым окном)
- '%WINDIR%\syswow64\cmd.exe' /c C:\AEROГЊГГђВ§.bat
- '%WINDIR%\syswow64\sc.exe' config UxSms start= auto
- '%WINDIR%\syswow64\sc.exe' config Themes start= auto
- '%WINDIR%\syswow64\net.exe' start Themes
- '%WINDIR%\syswow64\net1.exe' start Themes
- '%WINDIR%\syswow64\reg.exe' add "HKCU\Software\Microsoft\Windows\DWM" /v Composition /t reg_dword /d 00000001 /f
- '%WINDIR%\syswow64\reg.exe' add "HKCU\Software\Microsoft\Windows\DWM" /v CompositionPolicy /t reg_dword /d 00000002 /f
- '%WINDIR%\syswow64\net1.exe' stop uxsms
- '%WINDIR%\syswow64\net.exe' start uxsms
- '%WINDIR%\syswow64\net1.exe' start uxsms
- '%WINDIR%\syswow64\ipconfig.exe' /flushdns