Техническая информация
- '<SYSTEM32>\taskkill.exe' /IM explorer.exe /F
- %WINDIR%\Explorer.EXE
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\b.bat
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\a.bat
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\1.bat
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\bb.jpg
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\err.mp3
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\c.bat
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\error.html
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\alert626b626b.html
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\alert.html
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\back_files\jquery-2.js
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\back_files\jquery-1.js
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\back_files\style.css
- ClassName: '' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- '<SYSTEM32>\cmd.exe' /c ""C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\1.bat" "