Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\system.exe.lnk
- C:\ProgramData\Windows\hstart1.exe
- C:\ProgramData\Windows\system.exe
- C:\ProgramData\Windows\start.bat
- C:\ProgramData\Windows\System\system.exe
- %WINDIR%\Temp\M\M.exe
- ClassName: 'EDIT' WindowName: ''
- 'C:\ProgramData\Windows\hstart1.exe' /NOCONSOLE start.bat
- '%WINDIR%\Temp\M\M.exe' -p321 -dC:\ProgramData\Windows\
- 'C:\ProgramData\Windows\System\system.exe'
- '<SYSTEM32>\tasklist.exe' /NH /FI "IMAGENAME eq taskmgr.exe"
- '<SYSTEM32>\cmd.exe' /c tasklist /NH /FI "IMAGENAME eq system.exe"
- '<SYSTEM32>\cmd.exe' /c start.bat
- '<SYSTEM32>\cmd.exe' /c tasklist /NH /FI "IMAGENAME eq taskmgr.exe"