Техническая информация
- '<SYSTEM32>\xcopy.exe' Navigator.exe "%ALLUSERSPROFILE%\Start Menu\Programs\Startup" /C /S /D /Y /I /R /H /Q
- '<SYSTEM32>\xcopy.exe' Navigator.exe "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" /C /S /D /Y /I /R /H /Q
- '<SYSTEM32>\xcopy.exe' Navigator.exe "C:\users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" /C /S /D /Y /I /R /H /Q
- '<SYSTEM32>\wscript.exe' SysSupport.vbs
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\Navigator.bat" "
- '<SYSTEM32>\attrib.exe' +r +s +h SysSupport.vbs /S /D
- '<SYSTEM32>\attrib.exe' +r +s +h *.bat /S /D
- <Текущая директория>\SysSupport.vbs
- %TEMP%\1.tmp\Navigator.bat
- <Текущая директория>\SysSupport.vbs
- <SYSTEM32>\regedt32.exe
- <SYSTEM32>\dllcache\srrstr.dll
- <SYSTEM32>\dllcache\regedt32.exe
- <SYSTEM32>\secpol.msc
- <SYSTEM32>\dllcache\regedit.exe
- <SYSTEM32>\srrstr.dll
- <SYSTEM32>\dllcache\taskmgr.exe
- <SYSTEM32>\taskmgr.exe
- <SYSTEM32>\gpedit.msc
- <SYSTEM32>\dllcache\gpedit.dll
- <SYSTEM32>\gpedit.dll
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'