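Техническая информация
Примечание: заголовки подразделов в этой выдержке не сохранились, поэтому записи разных типов идут подряд: командные строки (taskkill, regedit, cmd), пути к файлам в каталоге %TEMP%\RarSFX0 (создаются они или удаляются — из выдержки не видно) и параметры окон (ClassName/WindowName). Обозначения <SYSTEM32>, %TEMP% и %WINDIR% — подстановки системных каталогов, а не буквальные пути; имя каталога RarSFX0 характерно для временной распаковки самораспаковывающегося архива WinRAR. Ключи taskkill /f /t /im задают принудительное завершение процесса с указанным именем образа вместе с дочерними процессами, а regedit /S импортирует .reg-файл без запроса подтверждения.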
- '<SYSTEM32>\taskkill.exe' /f /t /im "ccPrxy.exe"
- '<SYSTEM32>\taskkill.exe' /f /t /im "ldup.exe"
- '<SYSTEM32>\taskkill.exe' /f /t /im "msrm.exe"
- '<SYSTEM32>\taskkill.exe' /f /t /im "sy.exe"
- '<SYSTEM32>\taskkill.exe' /f /t /im "NT.Config.exe"
- %TEMP%\RarSFX0\1.bat
- %TEMP%\RarSFX0\2.bat
- %TEMP%\RarSFX0\3.bat
- %TEMP%\RarSFX0\autorun-.bat
- %TEMP%\RarSFX0\drivescan.bat
- %TEMP%\RarSFX0\regclean.bat
- %TEMP%\RarSFX0\scanid.bat
- %TEMP%\RarSFX0\clearcmdproc.reg
- %TEMP%\RarSFX0\scanreg.reg
- %TEMP%\RarSFX0\0.bat
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: '' WindowName: ''
- '%WINDIR%\regedit.exe' /S clearcmdproc.reg
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\RarSFX0\scanid.bat" "