Техническая информация
- '<SYSTEM32>\taskkill.exe' /f /im elementclient.exe /T
- '<SYSTEM32>\cmd.exe' /c <SYSTEM32>\abc.bat
- elementclient.exe
- %WINDIR%\LastGood\TMP2.tmp
- <SYSTEM32>\SET1.tmp
- <SYSTEM32>\dllcache\ksuser.dll.new
- <SYSTEM32>\SET4.tmp
- <SYSTEM32>\abc.dll
- <Служебный элемент>
- <SYSTEM32>\ksuser.dll
- <SYSTEM32>\abc.bat
- <SYSTEM32>\ksuser.dll
- <SYSTEM32>\SET1.tmp
- <SYSTEM32>\abc.bat
- <SYSTEM32>\ksuser.dll в <SYSTEM32>\OLD3.tmp
- %WINDIR%\LastGood\TMP2.tmp в %WINDIR%\LastGood\system32\ksuser.dll
- <SYSTEM32>\ksuser.dll
- ClassName: '' WindowName: ''