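Техническая информация
Примечание: записи ниже приведены единым списком без подзаголовков, поэтому по самому тексту нельзя определить, какие файлы создаются, изменяются или удаляются. Имена вида svchost.exe, ntvdm.exe, sysdm.cpl совпадают с именами штатных компонентов Windows, и использовать их как индикаторы компрометации без дополнительных признаков (хеш, цифровая подпись, время изменения) не следует.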
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'myfile.exe' = '%WINDIR%\Test.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'EnableFirewall' = '00000000' — нулевое значение отключает брандмауэр Windows для стандартного профиля
- <SYSTEM32>\svcchost.exe — имя с удвоенной «c», не путать со штатным svchost.exe
- <SYSTEM32>\netsh.exe firewall set opmode disable
- <SYSTEM32>\taskkill.exe /F /IM avp.exe
- <SYSTEM32>\shutdown.exe -s -t 10
- <SYSTEM32>\taskkill.exe /F /IM dwm.exe
- <SYSTEM32>\taskkill.exe /F /IM Egui.exe
- <SYSTEM32>\taskkill.exe /F /IM Tsk.exe
- <SYSTEM32>\taskkill.exe /F /IM Panda.exe
- <SYSTEM32>\taskkill.exe /F /IM Anti.exe
- <SYSTEM32>\taskkill.exe /F /IM Sym.exe
- <SYSTEM32>\svcchost.exe
- <SYSTEM32>\access.cpl
- <SYSTEM32>\acctres.dll
- <SYSTEM32>\6to4svc.dll
- <SYSTEM32>\aaaamon.dll
- <SYSTEM32>\accwiz.exe
- <SYSTEM32>\aclui.dll
- <SYSTEM32>\activeds.dll
- <SYSTEM32>\acelpdec.ax
- <SYSTEM32>\acledit.dll
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\sysedit.exe
- <SYSTEM32>\bootcfg.exe
- <SYSTEM32>\sysdm.cpl
- <SYSTEM32>\ntvdm.exe
- <SYSTEM32>\12520437.cpx
- <SYSTEM32>\12520850.cpx
- <SYSTEM32>\$winnt$.inf
- <SYSTEM32>\-1
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''