Техническая информация
- '%TEMP%\nsr6.tmp\ns8.tmp' taskkill /f /im aerofsd.exe /fi "USERNAME eq %USERNAME%"
- '<SYSTEM32>\taskkill.exe' /f /im aerofs.exe /fi "USERNAME eq %USERNAME%"
- '<SYSTEM32>\regsvr32.exe' /u /s
- '<SYSTEM32>\taskkill.exe' /f /im aerofsd.exe /fi "USERNAME eq %USERNAME%"
- '<SYSTEM32>\rundll32.exe' advpack.dll,LaunchINFSectionEx %TEMP%\7zS1.tmp\AeroEnterprise.inf
- '<SYSTEM32>\cmd.exe' /c rundll32 advpack.dll,LaunchINFSectionEx %TEMP%\7zS1.tmp\AeroEnterprise.inf & %TEMP%\7zS1.tmp\AeroFSInstall-1.4.15.exe
- '%TEMP%\nsr6.tmp\ns7.tmp' taskkill /f /im aerofs.exe /fi "USERNAME eq %USERNAME%"
- '%TEMP%\7zS1.tmp\AeroFSInstall-1.4.15.exe'
- %TEMP%\nsr6.tmp\nsExec.dll
- %TEMP%\nsr6.tmp\UAC.dll
- %TEMP%\nsr6.tmp\ns8.tmp
- %TEMP%\nsr6.tmp\ns7.tmp
- %TEMP%\nsr6.tmp\UserInfo.dll
- %TEMP%\7zS1.tmp\AeroEnterprise.inf
- %TEMP%\7zS1.tmp\AeroFSInstall-1.4.15.exe
- %APPDATA%\AeroFSExec\SET4.tmp
- %TEMP%\7zS1.tmp\site-config.properties
- %TEMP%\nsr6.tmp\ns8.tmp
- %TEMP%\nsr6.tmp\ns7.tmp
- %APPDATA%\AeroFSExec\SET4.tmp в %APPDATA%\AeroFSExec\site-config.properties
- ClassName: 'SysListView32' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '#32770' WindowName: ''