Техническая информация
- %WINDIR%\skanAntiBAT.exAB
- <SYSTEM32>\find.exe /n /v "" c:\AUTOEXEC.BAT
- <SYSTEM32>\find.exe "reg"
- <SYSTEM32>\find.exe "c:\AUTOEXEC.BAT"
- <SYSTEM32>\find.exe /n /v "" bazeVIR.dll
- <SYSTEM32>\find.exe "assoc"
- <SYSTEM32>\find.exe "вир"
- <SYSTEM32>\find.exe "[2]"
- <SYSTEM32>\find.exe "explorer"
- <SYSTEM32>\find.exe "vir"
- <SYSTEM32>\attrib.exe +s +h %WINDIR%\skanAntiBAT.bat
- <SYSTEM32>\cmd.exe /c ""%TEMP%\1.tmp\startscan1.bat" "
- <SYSTEM32>\cmd.exe /c ""%WINDIR%\yst.bat" "
- <SYSTEM32>\attrib.exe +s +h %WINDIR%\WR~27.exe
- <SYSTEM32>\attrib.exe +s +h c:\infection~30150
- <SYSTEM32>\find.exe "[1]"
- <SYSTEM32>\find.exe /n /v "" iskl.dll
- <SYSTEM32>\find.exe /c /v ""
- <SYSTEM32>\find.exe /n /v "" baze1v.dll
- %WINDIR%\skanAntiBAT.exAB
- %WINDIR%\carantinAntiBAT.exAB
- %WINDIR%\skanAntiBAT.bat
- %WINDIR%\baze1v.dll
- %TEMP%\1.tmp\startscan1.bat
- %WINDIR%\bazeVIR.dll
- %WINDIR%\iskl.dll
- %WINDIR%\yst.bat
- %WINDIR%\WR~27.exe
- %WINDIR%\ABt.exAB
- %WINDIR%\skanAntiBAT.bat
- %WINDIR%\WR~27.exe
- %TEMP%\1.tmp\startscan1.bat
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''