Техническая информация
- %WINDIR%\Tasks\SA.DAT
- <SYSTEM32>\taskkill.exe /f /im lsass.exe
- <SYSTEM32>\shutdown.exe -a
- <SYSTEM32>\taskkill.exe /f /im winlogon.exe
- <SYSTEM32>\shutdown.exe -r -f -t 01
- <SYSTEM32>\svchost.exe -k netsvcs
- <SYSTEM32>\taskkill.exe /f /im explorer.exe
- <SYSTEM32>\ipconfig.exe /release
- <SYSTEM32>\taskkill.exe /f /im svchost.exe
- <SYSTEM32>\svchost.exe -k LocalService
- <SYSTEM32>\svchost.exe -k rpcss
- <SYSTEM32>\svchost.exe
- %WINDIR%\Explorer.EXE
- %TEMP%\2840FKTQ.bat
- %TEMP%\2840FKTQ.bat
- %TEMP%\2840FKTQ.bat
- ClassName: '' WindowName: ''