Техническая информация
- %WINDIR%\lolyootxf.txt
- %WINDIR%\lolyootxf.dll
- C:\snjl5ufsr.bat
- <Полный путь к файлу>
- '61.##3.28.120':443
- ClassName: 'LOLYOOTXF' WindowName: 'dlmcrxeecqcrig'
- ClassName: 'LOLYOOTXF' WindowName: ''
- '%WINDIR%\syswow64\regsvr32.exe' /s "%WINDIR%\lolyootxf.dll"
- '%WINDIR%\syswow64\cmd.exe' /c C:\SNJL5UFSR.BAT
- '%WINDIR%\syswow64\reg.exe' ADD "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Display Inline Images" /t REG_SZ /d yes /F
- '%WINDIR%\syswow64\reg.exe' ADD "HKCU\Software\Microsoft\Internet Explorer\Main" /v Play_Animations /t REG_SZ /d no /F
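- '%WINDIR%\syswow64\reg.exe' delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /F (параметр /v не указан, поэтому удаляется не отдельное значение, а весь раздел Run целиком, вместе со всеми записями автозапуска в нём; ключ /F отключает запрос подтверждения)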
- '%WINDIR%\syswow64\reg.exe' ADD "HKCU\Software\Microsoft\Internet Explorer\Main" /v DisableScriptDebuggerIE /t REG_SZ /d yes /F
- '%WINDIR%\syswow64\reg.exe' ADD "HKCU\Software\Microsoft\Internet Explorer\Main" /v Play_Background_Sounds /t REG_SZ /d no /F
- '%WINDIR%\syswow64\reg.exe' ADD "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Display Inline Videos" /t REG_SZ /d no /F
- '%WINDIR%\syswow64\regsvr32.exe' /u /s itss.dll
- '%WINDIR%\syswow64\regsvr32.exe' /u /s scrrun.dll
- '%WINDIR%\syswow64\regsvr32.exe' /u /s msvidctl.dll
- '%WINDIR%\syswow64\regsvr32.exe' /s jscript.dll
- '%WINDIR%\syswow64\reg.exe' ADD "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Disable Script Debugger" /t REG_SZ /d yes /F
- '%WINDIR%\syswow64\regsvr32.exe' /u /s vbscript.dll