Техническая информация
- <SYSTEM32>\cmd.exe /c ""%TEMP%\1.tmp\explorer.bat" "
- <SYSTEM32>\wscript.exe "%TEMP%\1.tmp\winstart.vbs"
- <SYSTEM32>\tskill.exe notepad
- %WINDIR%\explorer.exe
- <SYSTEM32>\cmd.exe /c ""%TEMP%\selfdel0.bat" "
- <SYSTEM32>\tskill.exe explorer
- <SYSTEM32>\net1.exe user %USERNAME% nacer789
- <SYSTEM32>\rundll32.exe USER32.DLL,SwapMouseButton
- <SYSTEM32>\cmd.exe /c ""%TEMP%\1.tmp\batchfile.bat" "
- <SYSTEM32>\tskill.exe iexplore
- <SYSTEM32>\wscript.exe "%TEMP%\1.tmp\invisi.vbs"
- <SYSTEM32>\attrib.exe +h "%TEMP%\1.tmp\batchfile.bat"
- %WINDIR%\Explorer.EXE
- iexplore.exe
- %TEMP%\1.tmp\winstart.vbs
- %TEMP%\selfdel0.bat
- %TEMP%\1.tmp\invisi.vbs
- %TEMP%\1.tmp\batchfile.bat
- %TEMP%\1.tmp\explorer.bat
- %TEMP%\1.tmp\batchfile.bat
- %TEMP%\1.tmp\batchfile.bat
- ClassName: 'Shell_TrayWnd' WindowName: ''