Техническая информация
- <SYSTEM32>\cmd.exe /c <Текущая директория>\123.bat
- <SYSTEM32>\taskkill.exe /F /FI "IMAGENAME ne smss.exe" /FI "IMAGENAME ne csrss.exe" /FI "IMAGENAME ne winlogon.exe" /FI "IMAGENAME ne services.exe" /FI "IMAGENAME ne lsass.exe" /FI "IMAGENAME ne svchost.exe" /FI "IMAGENAME ne avp.exe" /FI "IMAGENAME ne nvsvc32.exe" /FI "IMAGENAME ne vmware-authd.exe" /FI "IMAGENAME ne vmount2.exe" /FI "IMAGENAME ne vmnat.exe" /FI "IMAGENAME ne hpqwmiex.exe" /FI "IMAGENAME ne vmnetdhcp.exe" /FI "IMAGENAME ne alg.exe" /FI "IMAGENAME ne explorer.exe" /FI "IMAGENAME ne Apoint.exe" /FI "IMAGENAME ne QLBCTRL.exe" /FI "IMAGENAME ne HPWAMain.exe" /FI "IMAGENAME ne realsched.exe" /FI "IMAGENAME ne avp.exe" /FI "IMAGENAME ne ctfmon.exe" /FI "IMAGENAME ne ApntEx.exe" /FI "IMAGENAME ne wmiprvse.exe" /FI "IMAGENAME ne conime.exe" /FI "IMAGENAME ne HpqToaster.exe" /FI "IMAGENAME ne vmware.exe" /FI "IMAGENAME ne vmware-vmx.exe" /FI "IMAGENAME ne KwMV.exe" /FI "IMAGENAME ne iexplore.exe" /FI "IMAGENAME ne cmd.exe" /FI "IMAGENAME ne tasklist.exe" /FI "IMAGENAME ne wmiprvse.exe" /FI "IMAGENAME ne System Idle Process" /FI "IMAGENAME ne System" /FI "IMAGENAME ne taskkill.exe" /FI "IMAGENAME ne QQ.exe"
- <SYSTEM32>\spoolsv.exe
- <Текущая директория>\123.bat
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''