Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\systembytes.lnk
- '<SYSTEM32>\wscript.exe' "C:\ProgramData\System32\1.vbs"
- '<SYSTEM32>\wscript.exe' "C:\ProgramData\System32\2.vbs"
- '<SYSTEM32>\tasklist.exe' /FI "ImageName EQ systemhoster.exe"
- '<SYSTEM32>\find.exe' /I "systemhoster.exe"
- '<SYSTEM32>\cmd.exe' /c ""C:\ProgramData\System32\1.cmd" "
- '<SYSTEM32>\find.exe' /I "Taskmgr.exe "
- '<SYSTEM32>\cmd.exe' /c ""C:\ProgramData\System32\2.cmd" "
- '<SYSTEM32>\cmd.exe' /c ""C:\ProgramData\System32\3.cmd" "
- '<SYSTEM32>\tasklist.exe' /FI "ImageName EQ Taskmgr.exe "
- C:\ProgramData\System32\STARTA.lnk
- C:\ProgramData\System32\1.vbs
- C:\ProgramData\System32\2.vbs
- C:\ProgramData\System32\systemhoster.exe
- C:\ProgramData\System32\1.cmd
- C:\ProgramData\System32\2.cmd
- C:\ProgramData\System32\3.cmd
- C:\ProgramData\System32\STARTA.lnk
- C:\ProgramData\System32\1.vbs
- C:\ProgramData\System32\2.vbs
- C:\ProgramData\System32\systemhoster.exe
- C:\ProgramData\System32\1.cmd
- C:\ProgramData\System32\2.cmd
- C:\ProgramData\System32\3.cmd
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''