Technical Information
- '<SYSTEM32>\taskkill.exe' /F /IM IDMan.exe
- %TEMP%\0.bat
- %TEMP%\nsp2.tmp\nsExec.dll
- %TEMP%\nsp2.tmp\ns3.tmp
- %TEMP%\permdel.txt
- ClassName: '' WindowName: ''
- '%TEMP%\nsp2.tmp\ns3.tmp' "<SYSTEM32>\cmd.exe" /C cd "%HOMEPATH%\Local Settings\Temp" & "0.bat"
- '<SYSTEM32>\cmd.exe' /C cd "%HOMEPATH%\Local Settings\Temp" & "0.bat"
- '<SYSTEM32>\regini.exe' permdel.txt