Техническая информация
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\Windows.lnk
- '<SYSTEM32>\rundll32.exe' %ALLUSERSPROFILE%\Application Data\Microsoft\muixml.cat,NnvTisp
- '<SYSTEM32>\reg.exe' add HKCU\Software\Classes\Drive\shell\Open\command /ve /f /d "<SYSTEM32>\rundll32.exe C:\Documents and Settings\%USERNAME%\ntuser.dat:init,CDLocateRng ""%1"""
- '<SYSTEM32>\reg.exe' add HKCU\Software\Classes\Drive\shell /ve /f /d "Open"
- '<SYSTEM32>\cmd.exe' /c init.cmd
- '<SYSTEM32>\cmd.exe' /c %TEMP%\kige.cmd
- %HOMEPATH%\NTUSER.DAT:init
- %TEMP%\kige.cmd
- %TEMP%\init
- %ALLUSERSPROFILE%\Application Data\Microsoft\muixml.cat
- %ALLUSERSPROFILE%\Application Data\Microsoft\muixml.cat
- %TEMP%\kige.cmd
- %TEMP%\init.cmd
- %HOMEPATH%\init
- %TEMP%\init в %HOMEPATH%\init