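Техническая информация
Ниже перечислены пути в файловой системе (первые две записи) и командные строки процессов, связанные с образцом. Для обнаружения существенны задача планировщика «MSMonitor», создаваемая от имени SYSTEM с расписанием /sc minute для запуска %ProgramFiles%\MSPO\MSMonitor.exe, и вызовы PowerShell с параметром -WindowStyle Hidden из каталога syswow64.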
- <SYSTEM32>\tasks\msmonitor
- %ProgramFiles%\mspo.zip
- '%WINDIR%\syswow64\schtasks.exe' /end /tn "MSOptimizer"
- '%WINDIR%\syswow64\schtasks.exe' /delete /tn "MSOptimizer" -f
- '%WINDIR%\syswow64\schtasks.exe' /end /tn "MSMonitor"
- '%WINDIR%\syswow64\schtasks.exe' /delete /tn "MSMonitor" -f
- '%WINDIR%\syswow64\cmd.exe' /c PowerShell -WindowStyle Hidden -Command "remove-item \"%ProgramFiles%\MSPO\" -Recurse"
- '%WINDIR%\syswow64\cmd.exe' /c PowerShell -WindowStyle Hidden -Command "Expand-Archive -Path \"%ProgramFiles%\MSPO.zip\" -DestinationPath \"%ProgramFiles%\""
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' -WindowStyle Hidden -Command "remove-item \"%ProgramFiles%\MSPO\" -Recurse"
- '%WINDIR%\syswow64\cmd.exe' /c PowerShell -WindowStyle Hidden -Command "Expand-Archive -Path \"%ProgramFiles%\MSPO\MSPO_exe.zip\" -DestinationPath \"%ProgramFiles%\MSPO\""
- '%WINDIR%\syswow64\schtasks.exe' /create /ru "SYSTEM" /tn "MSMonitor" /tr "%ProgramFiles%\MSPO\MSMonitor.exe" /sc minute /f /st 10:03:00
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' -WindowStyle Hidden -Command "Expand-Archive -Path \"%ProgramFiles%\MSPO.zip\" -DestinationPath \"%ProgramFiles%\""
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' -WindowStyle Hidden -Command "Expand-Archive -Path \"%ProgramFiles%\MSPO\MSPO_exe.zip\" -DestinationPath \"%ProgramFiles%\MSPO\""