Техническая информация
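- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 'AppInit_DLLs' = '<SYSTEM32>\VM.dll' (параметр AppInit_DLLs: указанная в нём библиотека загружается в каждый процесс, подгружающий user32.dll, то есть это механизм автозапуска; он действует только при LoadAppInit_DLLs = 1 и отключён на системах с включённым Secure Boot)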
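- <SYSTEM32>\reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" /v "AppInit_DLLs" /t REG_SZ /d "<SYSTEM32>\VM.dll" /f (команда записывает приведённое выше значение AppInit_DLLs; ключ /f перезаписывает существующее значение без запроса подтверждения, поэтому прежнее содержимое параметра теряется)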
- <SYSTEM32>\cmd.exe /c C:\delM.bat
- <SYSTEM32>\cmd.exe /c C:\asdfjsf.bat
- <SYSTEM32>\VMware.dll
- C:\delM.bat
- C:\asdfjsf.bat
- <SYSTEM32>\VM.dll