Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'userinit' = '<SYSTEM32>\userinit.exe,<SYSTEM32>\ntos.exe,'
- '%HOMEPATH%\Desktop\1games.exe'
- '<SYSTEM32>\cmd.exe' /c ""%HOMEPATH%\My Documents\My Pictures\1213443255.bat" "
- '<SYSTEM32>\notepad.exe' %HOMEPATH%\Desktop\4534534534.txt
- %HOMEPATH%\My Documents\My Pictures\1213443255.bat
- <SYSTEM32>\ntos.exe
- %HOMEPATH%\Desktop\1games.exe
- %HOMEPATH%\Desktop\4534534534.txt
- <SYSTEM32>\ntos.exe