Техническая информация
- <SYSTEM32>\sc.exe config AntiVirSchedulerService start= disabled
- <SYSTEM32>\sc.exe stop AntiVirService
- <SYSTEM32>\sc.exe config AntiVirService start= disabled
- <SYSTEM32>\sc.exe stop ccEvtMgr
- <SYSTEM32>\sc.exe config ccEvtMgr start= disabled
- <SYSTEM32>\sc.exe stop AntiVirSchedulerService
- <SYSTEM32>\sc.exe stop SharedAccess
- <SYSTEM32>\cmd.exe /c ""%WINDIR%\windows1.bat" "
- <SYSTEM32>\wscript.exe "%WINDIR%\win11.vbs"
- <SYSTEM32>\cmd.exe /c ""%WINDIR%\win11.bat" "
- <SYSTEM32>\sc.exe config SharedAccess start= disabled
- <SYSTEM32>\sc.exe stop windefend
- <SYSTEM32>\sc.exe config windefend start= disabled
- %WINDIR%\windows1.bat
- <SYSTEM32>\wsock33.dll
- <SYSTEM32>\kernel22.dll
- %WINDIR%\win77.vbs
- %WINDIR%\speicher-77.exe
- %WINDIR%\win11.bat
- %WINDIR%\win11.vbs
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''