Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\IKEEXT] 'Start' = '00000002'
- '%WINDIR%\syswow64\net.exe' stop Security Center
- '%WINDIR%\syswow64\netsh.exe' firewall set opmode mode=disable
- C:\documents and settings\satansnuker.exe
- C:\documents and settings\satanspitbull.exe
- C:\documents and settings\satansweapon.exe
- C:\documents and settings\satansdevil.exe
- C:\documents and settings\54574n.bat
- nul
- '%WINDIR%\syswow64\cmd.exe' /c ""C:\Documents and Settings\54574N.bat" > NUL"' (со скрытым окном)
- '%WINDIR%\syswow64\cmd.exe' /c ""C:\Documents and Settings\54574N.bat" > NUL"
- '%WINDIR%\syswow64\net1.exe' stop Security Center
- '%WINDIR%\syswow64\cmd.exe' /c TASKLIST /M| FIND "."
- '%WINDIR%\syswow64\tasklist.exe' /M
- '%WINDIR%\syswow64\find.exe' "."