Техническая информация
- '<SYSTEM32>\sc.exe' stop sp_rssrv
- '<SYSTEM32>\sc.exe' config sp_rssrv start= disabled
- '<SYSTEM32>\sc.exe' stop ERSvc
- '<SYSTEM32>\sc.exe' config AntiVirService start= disabled
- '<SYSTEM32>\sc.exe' stop wscsvc
- '<SYSTEM32>\sc.exe' config wscsvc start= disabled
- '<SYSTEM32>\sc.exe' stop AntiVirService
- '<SYSTEM32>\sc.exe' config ERSvc start= disabled
- '<SYSTEM32>\sc.exe' stop ccEvtMgr
- '<SYSTEM32>\sc.exe' config ccEvtMgr start= disabled
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\win1.bat" "
- '<SYSTEM32>\sc.exe' config SharedAccess start= disabled
- '<SYSTEM32>\sc.exe' stop windefend
- '<SYSTEM32>\sc.exe' config windefend start= disabled
- '<SYSTEM32>\sc.exe' stop SharedAccess
- <SYSTEM32>\mfc22.dll
- <SYSTEM32>\wsock33.dll
- %WINDIR%\windows1.bat
- %WINDIR%\speicher-77.exe
- %WINDIR%\win1.bat
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'