Техническая информация
- '%WINDIR%\syswow64\taskkill.exe' /IM LCKCleaner.exe /F
- %TEMP%\rarsfx0\545.exe
- %TEMP%\is-r8pck.tmp\545.tmp
- %TEMP%\is-bcegp.tmp\_isetup\_setup64.tmp
- %TEMP%\is-bcegp.tmp\idp.dll
- %TEMP%\is-bcegp.tmp\phxsetup.dll
- %TEMP%\is-bcegp.tmp\innocallback.dll
- %TEMP%\is-bcegp.tmp\filesinstall.dll
- %TEMP%\is-bcegp.tmp\checkprocesses.dll
- %WINDIR%\syswow64\phoenix.txt
- ClassName: 'EDIT' WindowName: ''
- ClassName: '' WindowName: ''
- '%TEMP%\rarsfx0\545.exe' "1685601|E37F8104ADAEBDACC4DC7068121DB1F6|05902990000258|NEWCON SOFTWARE S/A|1"
- '%TEMP%\is-r8pck.tmp\545.tmp' /SL5="$F022E,82830237,57856,%TEMP%\RarSFX0\545.exe" "1685601|E37F8104ADAEBDACC4DC7068121DB1F6|05902990000258|NEWCON SOFTWARE S/A|1"
- '%WINDIR%\syswow64\taskkill.exe' /IM LCKCleaner.exe /F' (со скрытым окном)