Техническая информация
- '<SYSTEM32>\taskkill.exe' /f /im ProcessHacker.exe
- '<SYSTEM32>\taskkill.exe' /F /IM HTTPDebuggerUI.exe
- '<SYSTEM32>\taskkill.exe' /F /IM HTTPDebuggerSvc.exe
- '<SYSTEM32>\taskkill.exe' /F /IM Fiddler.exe
- nul
- %WINDIR%\temp\cab2696.tmp
- %WINDIR%\temp\tar2697.tmp
- %WINDIR%\temp\cab26b7.tmp
- %WINDIR%\temp\tar26b8.tmp
- %WINDIR%\temp\cab6161.tmp
- %WINDIR%\temp\tar6162.tmp
- %WINDIR%\temp\cab6173.tmp
- %WINDIR%\temp\tar6174.tmp
- %WINDIR%\temp\cab2696.tmp
- %WINDIR%\temp\tar2697.tmp
- %WINDIR%\temp\cab26b7.tmp
- %WINDIR%\temp\tar26b8.tmp
- %WINDIR%\temp\cab6161.tmp
- %WINDIR%\temp\tar6162.tmp
- %WINDIR%\temp\cab6173.tmp
- %WINDIR%\temp\tar6174.tmp
- 'as######9rsdkudbf3r2ras.xyz':80
- 'as######9rsdkudbf3r2ras.xyz':443
- DNS ASK as######9rsdkudbf3r2ras.xyz
- ClassName: '' WindowName: ''
- '<SYSTEM32>\cmd.exe' /c taskkill /f /im ProcessHacker.exe >nul 2>&1
- '<SYSTEM32>\cmd.exe' /c sc stop KProcessHacker3 >nul 2>&1
- '<SYSTEM32>\sc.exe' stop KProcessHacker3
- '<SYSTEM32>\cmd.exe' /c sc delete KProcessHacker3 >nul 2>&1
- '<SYSTEM32>\sc.exe' delete KProcessHacker3
- '<SYSTEM32>\cmd.exe' /c reg delete "HKLMSOFTWARESYSTEMCurrentControlSetServicesKProcessHacker3" /f >nul 2>&1
- '<SYSTEM32>\reg.exe' delete "HKLMSOFTWARESYSTEMCurrentControlSetServicesKProcessHacker3" /f
- '<SYSTEM32>\cmd.exe' /c taskkill /F /IM HTTPDebuggerUI.exe >nul 2>&1
- '<SYSTEM32>\cmd.exe' /c taskkill /F /IM HTTPDebuggerSvc.exe >nul 2>&1
- '<SYSTEM32>\cmd.exe' /c taskkill /F /IM Fiddler.exe >nul 2>&1
- '<SYSTEM32>\cmd.exe' /c cls
- '<SYSTEM32>\cmd.exe' /c pause