Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\vbc.url
- %TEMP%\sj3eqeav.0.cs
- %TEMP%\sj3eqeav.cmdline
- %TEMP%\sj3eqeav.out
- %TEMP%\sj3eqeav.pdb
- %TEMP%\CSC1.tmp
- %TEMP%\RES2.tmp
- %TEMP%\sj3eqeav.dll
- %APPDATA%\vbc\vbc.exe
- %TEMP%\RES2.tmp
- %TEMP%\CSC1.tmp
- %TEMP%\sj3eqeav.out
- %TEMP%\sj3eqeav.dll
- %TEMP%\sj3eqeav.cmdline
- %TEMP%\sj3eqeav.0.cs
- %TEMP%\sj3eqeav.pdb
- '%WINDIR%\Microsoft.NET\Framework\v4.0.30319\csc.exe' /noconfig /fullpaths @\"C:\\Documents and Settings\\%USERNAME%\\Local Settings\\Temp\\sj3eqeav.cmdline\"
- '%WINDIR%\Microsoft.NET\Framework\v4.0.30319\cvtres.exe' \NOLOGO \READONLY \MACHINE:IX86 \"\OUT:C:\\DOCUME~1\\%USERNAME%\\LOCALS~1\\Temp\\RES2.tmp\" \"c:\\Documents and Settings\\%USERNAME%\\Local Settings\\Temp\\CSC1.tmp\"
- '<SYSTEM32>\schtasks.exe' /query
- '<SYSTEM32>\schtasks.exe' /create /sc MINUTE /tn vbc /MO 1 /tr \"C:\\Documents and Settings\\%USERNAME%\\Application Data\\vbc\\vbc.exe\\