Техническая информация
- '<SYSTEM32>\taskkill.exe' /f /im explorer.exe
- '<SYSTEM32>\ping.exe' 127.0.0.1 -n
- '%WINDIR%\explorer.exe'
- '<SYSTEM32>\logonui.exe' /status
- '<SYSTEM32>\net1.exe' user "%USERNAME%" "tutu"
- '<SYSTEM32>\net1.exe' user "%USERNAME%" /FULLNAME:"ТЄГЬВлјУQQ137457375"
- '<SYSTEM32>\cmd.exe' /c C:\ddel.bat
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\%USERNAME%.bmp
- <SYSTEM32>\Aver.ico
- C:\ddel.bat
- <SYSTEM32>\oobe\info\backgrounds\backgroundDefault.jpg
- %WINDIR%\SkinH_EL.dll
- %WINDIR%\ME\ГОчКДЈїй.ico
- %WINDIR%\ME\ГОчКФґВл.ico
- %WINDIR%\ME\ГОчКФґВл.ico
- %WINDIR%\ME\ГОчКДЈїй.ico
- %WINDIR%\SkinH_EL.dll
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'StatusWindowClass' WindowName: ''