Техническая информация
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\Sess.lnk
- <SYSTEM32>\rundll32.exe %ALLUSERSPROFILE%\Application Data\mui.cat,NnvTlsp
- <SYSTEM32>\cmd.exe /c %TEMP%\bywu.cmd
- %TEMP%\bywu.cmd
- %ALLUSERSPROFILE%\Application Data\mui.cat
- %ALLUSERSPROFILE%\Application Data\mui.cat
- %TEMP%\bywu.cmd