Техническая информация
- '<SYSTEM32>\wscript.exe' "%TEMP%\stop.js"
- '<SYSTEM32>\taskkill.exe' /f /im erver.exe
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\7ZSfx000.cmd" "
- '<SYSTEM32>\net1.exe' stop netaservice
- '<SYSTEM32>\net.exe' stop netaservice
- '%APPDATA%\Microsoft\system.exe'
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\START.bat" "
- '<SYSTEM32>\rundll32.exe' setupapi,InstallHinfSection DefaultInstall 132 %APPDATA%\log_file_2014-01-19.inf
- '<SYSTEM32>\taskkill.exe' /f /im lient.exe
- %APPDATA%\Microsoft\stop.js
- %APPDATA%\Microsoft\START.bat
- %APPDATA%\Microsoft\server.xml
- %APPDATA%\Microsoft\system.exe
- %TEMP%\7ZSfx000.cmd
- %APPDATA%\log_file_2014-01-19.inf
- %APPDATA%\Microsoft\uac.exe
- %TEMP%\START.bat
- %TEMP%\server.xml
- %TEMP%\stop.js
- %TEMP%\uac.exe
- %APPDATA%\Microsoft\RWLN.dll
- %TEMP%\system.exe
- %TEMP%\RWLN.dll
- %TEMP%\7ZSfx000.cmd
- %APPDATA%\log_file_2014-01-19.inf
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''