Техническая информация
- '<SYSTEM32>\cmd.exe' /S /D /c" DEL "
- '<SYSTEM32>\cmd.exe' /S /D /c" ERASE run.cmd"
- '<SYSTEM32>\taskkill.exe' /f /im cmd.exe
- '<SYSTEM32>\schtasks.exe' /create /tn SysChecks /tr %APPDATA%\SearchProtocolHosts.exe /sc minute /mo 3
- '%APPDATA%\Unit.exe'
- '<SYSTEM32>\cmd.exe' /c run.cmd
- '<SYSTEM32>\cmd.exe' /c DEL | ERASE run.cmd
- <SYSTEM32>\cmd.exe
- %APPDATA%\SearchProtocolHosts.exe
- %APPDATA%\run.cmd
- %APPDATA%\svnhost.exe
- %APPDATA%\Unit.exe
- %APPDATA%\run.cmd
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''