Техническая информация
- '<SYSTEM32>\taskkill.exe' /f /im csuperm.exe
- '<SYSTEM32>\xcopy.exe' hosts.txt <DRIVERS>\etc\ /y
- '<SYSTEM32>\wscript.exe' "c:\0615\1.vbs"
- '<SYSTEM32>\taskkill.exe' /F /IM 2.EXE
- C:\0615\1.vbs
- C:\0615\kv3.exe
- C:\0615\hosts.txt
- C:\0615\0613.bat
- <DRIVERS>\etc\hosts
- <DRIVERS>\etc\hosts.txt в <DRIVERS>\etc\hosts.ics
- ClassName: '(null)' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'