Техническая информация
- 'C:\Documents and Settings\%USERNAME%\Local Settings\Application Data\tyjmfu.exe' and Settings\%USERNAME%\Local Settings\Application Data\tyjmfu.exe -f
- '<SYSTEM32>\ping.exe' -n 3 127.1
- '<SYSTEM32>\taskkill.exe' /f /pid 2856
- '<SYSTEM32>\cmd.exe' /c taskkill /f /pid 2856 & ping -n 3 127.1 & del /f /q "<Полный путь к вирусу>" & start C:\Documents and Settings\%USERNAME%\Local Settings\Application Data\tyjmfu.exe -f
- C:\Documents and Settings\%USERNAME%\Local Settings\Application Data\tyjmfu.exe
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''