Техническая информация
- '%WINDIR%\addins\0907\kkkv3.exe'
- '<SYSTEM32>\taskkill.exe' /f /im mdlls.exe
- '<SYSTEM32>\taskkill.exe' /f /im ccaia.exe
- '<SYSTEM32>\taskkill.exe' /f /im huiq.exe
- '<SYSTEM32>\xcopy.exe' 1.txt <DRIVERS>\etc\ /y
- '<SYSTEM32>\taskkill.exe' /f /im ac.exe
- '<SYSTEM32>\taskkill.exe' /f /im csuperm.exe
- '<SYSTEM32>\wscript.exe' "%WINDIR%\addins\0907\1.vbs"
- '<SYSTEM32>\taskkill.exe' /f /im cuia.exe
- '<SYSTEM32>\taskkill.exe' /f /im csuperz.exe
- '<SYSTEM32>\taskkill.exe' /f /im jinf.exe
- %WINDIR%\addins\0907\1.txt
- <DRIVERS>\etc\1.txt
- %WINDIR%\addins\0907\0907.bat
- %WINDIR%\addins\0907\1.vbs
- %WINDIR%\addins\0907\kkkv3.exe
- <DRIVERS>\etc\1.txt в <DRIVERS>\etc\hosts.ics
- ClassName: '(null)' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'