Техническая информация
- <SYSTEM32>\lm.exe
- %TEMP%\nss3.tmp\ns4.tmp <SYSTEM32>\lm.bat
- <SYSTEM32>\cacls.exe "%APPDATA%\Microsoft\Internet Explorer\Quick Launch\Жф¶Ї Internet Explorer дЇААЖч.lnk" /t /c /g everyone:r
- %WINDIR%\regedit.exe /s <SYSTEM32>\lm.reg
- <SYSTEM32>\wscript.exe "<SYSTEM32>\mm.vbs"
- <SYSTEM32>\cmd.exe /c <SYSTEM32>\lm.bat
- <SYSTEM32>\wscript.exe "<SYSTEM32>\lm.vbs"
- <SYSTEM32>\attrib.exe +r +s "%APPDATA%\Microsoft\Internet Explorer\Quick Launch\Жф¶Ї Internet Explorer дЇААЖч.lnk"
- %TEMP%\nss3.tmp\nsExec.dll
- <SYSTEM32>\lm.bat
- <SYSTEM32>\mm.vbs
- %TEMP%\nss3.tmp\ns4.tmp
- <SYSTEM32>\lm.reg
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Жф¶Ї Internet Explorer дЇААЖч.lnk
- %TEMP%\nsp2.tmp
- <SYSTEM32>\lm.vbs
- <SYSTEM32>\lm.exe
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Жф¶Ї Internet Explorer дЇААЖч.lnk
- %TEMP%\nss3.tmp\nsExec.dll
- <SYSTEM32>\mm.vbs
- <SYSTEM32>\lm.vbs
- %TEMP%\nss3.tmp\ns4.tmp
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: '' WindowName: '%HOMEPATH%\Desktop'
- ClassName: 'RegEdit_RegEdit' WindowName: ''