Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'odb0hypft43' = 'C:\vypnuti_pc.bat'
- Диспетчера задач (Taskmgr)
- '<SYSTEM32>\net1.exe' user %USERNAME% olksv4xg5tg
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\cmd.exe' /c ""C:\zmenit_heslo.bat" "
- '<SYSTEM32>\cmd.exe' /c ""C:\vytvorit_uzivatele.bat" "
- '<SYSTEM32>\net1.exe' user /add arr0n23plmi hyc5bckxovp
- C:\zmenit_heslo.bat
- C:\vytvorit_uzivatele.bat
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- ClassName: 'Indicator' WindowName: ''