Техническая информация
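Изменения в реестре (автозагрузка через механизм AppInit_DLLs: при 'LoadAppInit_DLLs' = 1 библиотека, указанная в 'AppInit_DLLs', загружается в каждый процесс, подключающий user32.dll; начиная с Windows 8 механизм отключён при включённой безопасной загрузке):
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 'LoadAppInit_DLLs' = '00000001'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 'AppInit_DLLs' = '%WINDIR%\sxsds.tmp'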
Запускаемые процессы и их командные строки:
- '<SYSTEM32>\rundll32.exe' %WINDIR%\sxsds.tmp,G
- '%WINDIR%\regedit.exe' /s %TEMP%\1.reg
- '<SYSTEM32>\taskkill.exe' /f /im seiya.exe
- '<SYSTEM32>\cmd.exe' /c 1.bat
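Файлы, связанные с активностью образца (судя по командам запуска, создаются в системе — на странице это прямо не указано):
- %TEMP%\1.reg
- <Текущая директория>\1.bat
- %WINDIR%\sxsds.tmp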
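Окна, к которым обращается образец (вероятно, поиск по классу и заголовку; 'RegEdit_RegEdit' — класс окна редактора реестра):
- ClassName: 'RegEdit_RegEdit' WindowName: '(null)'
- ClassName: '(null)' WindowName: '(null)'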