Техническая информация
- '<SYSTEM32>\reg.exe' query "HKLM\SOFTWARE\ACD Systems\ACDSee Pro\90" /v InstallDir
- '<SYSTEM32>\cmd.exe' /c reg query "HKLM\SOFTWARE\ACD Systems\ACDSee Pro\90" /v InstallDir 2>nul
- '<SYSTEM32>\xcopy.exe' /s /e /y "data\PlugIns\*.*" "PlugIns\"
- '<SYSTEM32>\xcopy.exe' /s /e /y "data\1033\*.*" "1033\"
- '<SYSTEM32>\taskkill.exe' /f /im explorer.exe
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\2.bat" <Полный путь к вирусу>"
- '<SYSTEM32>\taskkill.exe' /F /im ACDSeeCommanderPro9.exe
- '<SYSTEM32>\taskkill.exe' /F /im acdIDInTouch2.exe
- %WINDIR%\Explorer.EXE
- %TEMP%\1.tmp\2.bat
- ClassName: '' WindowName: ''