Техническая информация
- <SYSTEM32>\cmd.exe
- %ALLUSERSPROFILE%\eset\delpico.exe
- %ALLUSERSPROFILE%\eset\eset security\license\license.lf
- %TEMP%\a746.tmp\a747.tmp\a748.bat
- nul
- %TEMP%\a746.tmp\a747.tmp\a748.bat
- ClassName: 'EDIT' WindowName: ''
- '%ALLUSERSPROFILE%\eset\delpico.exe'
- '<SYSTEM32>\cmd.exe' /c "%TEMP%\A746.tmp\A747.tmp\A748.bat %ALLUSERSPROFILE%\ESET\DelPico.exe"
- '<SYSTEM32>\find.exe' /i "expire.eset.com" <DRIVERS>\etc\hosts
- '<SYSTEM32>\fltmc.exe'