Техническая информация
- '<SYSTEM32>\reg.exe' delete "HKLM\SYSTEM\Remote Manipulator System" /f
- '<SYSTEM32>\attrib.exe' -s -h "%PROGRAM_FILES%\Remote Manipulator System - Host"
- '<SYSTEM32>\attrib.exe' -s -h "\Remote Manipulator System - Host"
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\7ZSfx000.cmd" "
- '<SYSTEM32>\wscript.exe' "%TEMP%\stop.js"
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\del.cmd" "
- '<SYSTEM32>\taskkill.exe' /f /im rutserv.exe
- %TEMP%\7ZSfx000.cmd
- %TEMP%\del.cmd
- %TEMP%\stop.js
- %TEMP%\del.cmd
- %TEMP%\7ZSfx000.cmd
- %TEMP%\stop.js
- ClassName: '' WindowName: ''