Техническая информация
- '<SYSTEM32>\taskkill.exe' /F /IM IDMan.exe
- '<SYSTEM32>\regini.exe' permdel.txt
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\3.tmp\DEL.bat" %WINDIR%\SoftwareDistribution\DataStore\ \000.exe"
- '%CommonProgramFiles%\ .exe'
- '%WINDIR%\SoftwareDistribution\DataStore\ \000.exe'
- %TEMP%\3.tmp\DEL.bat
- %WINDIR%\SoftwareDistribution\DataStore\ \000.exe
- %TEMP%\3.tmp\permdel.txt
- %TEMP%\3.tmp\Reg.reg
- %CommonProgramFiles%\ .exe
- %TEMP%\aut1.tmp
- %TEMP%\aut2.tmp
- %WINDIR%\SoftwareDistribution\DataStore\ \Desktop.ini
- %WINDIR%\SoftwareDistribution\DataStore\ \Desktop.ini
- %TEMP%\aut2.tmp
- %CommonProgramFiles%\ .exe
- %TEMP%\aut1.tmp
- ClassName: '' WindowName: ''