Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'l33t' = '%WINDIR%\system\iexplore.exe'
- %WINDIR%\system\iexplore.exe
- %WINDIR%\ProInject.exe
- <SYSTEM32>\xcopy.exe /Y %WINDIR%\system\*.txt2 %WINDIR%\system\*.exe
- <SYSTEM32>\reg.exe ADD HKLM\software\microsoft\windows\currentversion\run /v l33t /d %WINDIR%\system\iexplore.exe
- %WINDIR%\system\iexplore.exe
- %WINDIR%\system\smss.txt2
- <SYSTEM32>\Microsoft\hack.0.html
- %WINDIR%\system\smss.exe
- %WINDIR%\system\smss.txt
- %WINDIR%\ProInject.exe
- %WINDIR%\l33td.ini
- %WINDIR%\system\iexplore.txt2
- %WINDIR%\system\iexplore.txt
- ClassName: 'l33tdemowindowclass' WindowName: 'l33tdemowindowname'
- ClassName: 'Shell_TrayWnd' WindowName: ''