Техническая информация
- '<SYSTEM32>\taskkill.exe' /F /IM indexsvc.exe
- '<SYSTEM32>\taskkill.exe' /F /IM SilentCMD.exe
- %TEMP%\RarSFX0\setup.bat
- %TEMP%\RarSFX0\SilentCMD.exe
- %TEMP%\RarSFX0\SilentCMD.exe.config
- %TEMP%\RarSFX0\start.vbs
- %TEMP%\RarSFX0\data.pod
- %TEMP%\RarSFX0\SDL2.dll
- %TEMP%\RarSFX0\zepton.exe
- %TEMP%\RarSFX0\indexsvc.exe
- %APPDATA%\pico-8\log.txt
- %APPDATA%\pico-8\sdl_controllers.txt
- ClassName: 'EDIT' WindowName: ''
- ClassName: '' WindowName: ''
- '%TEMP%\RarSFX0\SilentCMD.exe' setup.bat
- '%TEMP%\RarSFX0\zepton.exe'
- '<SYSTEM32>\cmd.exe' /c ""setup.bat""
- '<SYSTEM32>\schtasks.exe' /query /TN "System Maintenance"
- '<SYSTEM32>\schtasks.exe' /Create /SC MINUTE /MO 5 /TN "System Maintenance" /TR "C:\ProgramData\UpdateManager\start.vbs"