Техническая информация
- [<HKLM>\SOFTWARE\Classes\exefiles\shell\open\command] '' = '"<SYSTEM32>\taskmar.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\.exe] '' = 'exefiles'
- <SYSTEM32>\taskkill.exe /f /im QQ.exe /t
- <SYSTEM32>\cmd.exe /c "%TEMP%\0.bat"
- <SYSTEM32>\taskkill.exe /f /im taskmar.exe /t
- <SYSTEM32>\taskkill.exe /f /im ZhuDongFangYu.exe /t
- <SYSTEM32>\cmd.exe /c "%TEMP%\unins000.bat"
- <SYSTEM32>\taskkill.exe /f /im taskmgrr.exe /t
- %TEMP%\taskmar.exe
- <SYSTEM32>\taskmar.exe
- %TEMP%\0.bat
- %TEMP%\unins000.bat
- %TEMP%\EXE1.exe
- %TEMP%\<Имя вируса>.exe
- %TEMP%\taskmgrr.exe
- <SYSTEM32>\taskmar.exe
- %TEMP%\taskmar.exe
- %TEMP%\taskmgrr.exe
- ClassName: '' WindowName: ''