Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 'LoadAppInit_DLLs' = '00000001'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 'AppInit_DLLs' = 'msrclr42.dll'
- '<SYSTEM32>\reg.exe' Add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" /v LoadAppInit_DLLs /t REG_DWORD /d 1 /f
- '<SYSTEM32>\reg.exe' Add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" /v RequireSignedAppInit_DLLs /t REG_DWORD /d 0 /f
- '<SYSTEM32>\cmd.exe' /c %TEMP%\\scs5438.bat
- '<SYSTEM32>\reg.exe' Add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" /v AppInit_DLLs /d "msrclr42.dll" /f
- <SYSTEM32>\msrclr42.dll
- %TEMP%\scs5438.tmp
- %TEMP%\scs5438.bat
- %TEMP%\scs5438.tmp