Техническая информация
- <SYSTEM32>\cmd.exe /c ""%TEMP%\4.tmp\cdrivespam.bat" "
- <SYSTEM32>\net1.exe stop "MpsSvc"
- <SYSTEM32>\taskkill.exe /f /t /im "FirewallControlPanel.exe"
- <SYSTEM32>\cmd.exe /c ""%TEMP%\2.tmp\disablefirewall.bat" "
- <SYSTEM32>\cmd.exe /c ""%TEMP%\3.tmp\deldocs.bat" "
- <SYSTEM32>\net.exe stop "MpsSvc"
- C:\26483Spammed Filetype
- C:\29449Spammed Filetype
- C:\10470Spammed Filetype
- C:\23794Spammed Filetype
- C:\27490Spammed Filetype
- C:\12245Spammed Filetype
- C:\11966Spammed Filetype
- C:\1474Spammed Filetype
- C:\3794Spammed Filetype
- %TEMP%\cdrivespam.exe
- %TEMP%\Booter.exe
- %TEMP%\disablefirewall.exe
- %TEMP%\deldocs.exe
- %TEMP%\2.tmp\disablefirewall.bat
- C:\26261Spammed Filetype
- C:\910Spammed Filetype
- %TEMP%\3.tmp\deldocs.bat
- %TEMP%\4.tmp\cdrivespam.bat
- %TEMP%\2.tmp\disablefirewall.bat
- %TEMP%\4.tmp\cdrivespam.bat
- %TEMP%\3.tmp\deldocs.bat
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''