Техническая информация
- %WINDIR%\Tasks\SecurityProxy.job
- '<SYSTEM32>\cmd.exe' /S /D /c" ver "
- '<SYSTEM32>\find.exe' "Microsoft Windows XP"
- '<SYSTEM32>\schtasks.exe' /Create /tn SecurityProxy /tr "<SYSTEM32>\microsoft\IE\ieproxy.dll" /sc MINUTE /mo 20 /ru "SYSTEM"
- '<SYSTEM32>\schtasks.exe' /Delete /tn SecurityProxy /f
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\RarSFX_F008\key.cmd" "
- '<SYSTEM32>\taskkill.exe' /f /im ieproxy.dll
- '<SYSTEM32>\schtasks.exe' /Delete /tn keys /f
- %TEMP%\RarSFX_F008\iedvtool.dll
- %TEMP%\RarSFX_F008\key.cmd
- ClassName: '' WindowName: ''