Техническая информация
- <SYSTEM32>\findstr.exe -LC:"= Running Processes =" DDS.txt
- <SYSTEM32>\cscript.exe //NOLOGO //E:VBSCRIPT //B //T:15 osidDDS.vbs
- <SYSTEM32>\regsvr32.exe /S "<SYSTEM32>\vbscript.dll"
- %TEMP%\nsh3.tmp\SWREG.DAT
- %TEMP%\nsh3.tmp\SvcWhtDDSW7.dll
- %HOMEPATH%\My Documents\My Videos\Desktop.ini
- %TEMP%\nsh3.tmp\setpath_N.cmd
- %TEMP%\nsh3.tmp\SED.DAT
- %TEMP%\nsh3.tmp\Screentxt
- %TEMP%\nsh3.tmp\SvcWhtDDSVista.dll
- %TEMP%\nsh3.tmp\SvcWhtDDS.dll
- %TEMP%\nsh3.tmp\StartUp
- %TEMP%\nsh3.tmp\temp00
- %TEMP%\nsh3.tmp\whitedirB
- %TEMP%\nsh3.tmp\Created00
- %TEMP%\nsh3.tmp\InstallDate
- %TEMP%\nsh3.tmp\FILES00
- %TEMP%\nsh3.tmp\svclist.dat
- %TEMP%\nsh3.tmp\WhiteDir
- %TEMP%\nsh3.tmp\WhiteDir00
- %TEMP%\nsh3.tmp\desktop.ini
- %TEMP%\nsh3.tmp\DDS.txt
- %TEMP%\nsh3.tmp\dds.cmd
- %TEMP%\nsh3.tmp\Assoc.cmd
- %TEMP%\nsh3.tmp\System.dll
- %TEMP%\nsx2.tmp
- %TEMP%\nsh3.tmp\UserInfo.dll
- %TEMP%\nsh3.tmp\XP.mac
- %TEMP%\nsh3.tmp\MBR.DAT
- %TEMP%\nsh3.tmp\PEV.DAT
- %TEMP%\nsh3.tmp\OsPropB.vbs
- %TEMP%\nsh3.tmp\RegX64.cmd
- %TEMP%\nsh3.tmp\Policies.exe
- %TEMP%\nsh3.tmp\notifykeysB.com
- %TEMP%\nsh3.tmp\MSClsid.exe
- %TEMP%\nsh3.tmp\OsProp.vbs
- %TEMP%\nsh3.tmp\osidDDS.vbs
- %HOMEPATH%\My Documents\My Videos\Desktop.ini
- %TEMP%\nsh3.tmp\temp00
- %TEMP%\nsh3.tmp\WhiteDir00
- %TEMP%\nsh3.tmp\setpath_N.cmd
- ClassName: 'ConsoleWindowClass' WindowName: ''