Техническая информация
- '<SYSTEM32>\net.exe' stop "Windows Firewall"
- '<SYSTEM32>\net1.exe' stop "Windows Firewall"
- '<SYSTEM32>\msswchx.exe' SWCH
- '<SYSTEM32>\svchost.exe' -k imgsvc
- '%WINDIR%\explorer.exe' "::{20D04FE0-3AEA-1069-A2D8-08002B30309D}\::{21EC2020-3AEA-1069-A2DD-08002B30309D}"
- '<SYSTEM32>\net.exe' stop Workstation
- '<SYSTEM32>\net1.exe' stop Workstation
- '<SYSTEM32>\net.exe' stop "Windows Update"
- '<SYSTEM32>\net1.exe' stop "Windows Update"
- '<SYSTEM32>\calc.exe'
- '<SYSTEM32>\net1.exe' localgroup %USERNAME%s 24758 /add
- '%WINDIR%\explorer.exe'
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\a.bat""
- '<SYSTEM32>\net1.exe' users 24758 12410 /add
- '<SYSTEM32>\notepad.exe'
- '<SYSTEM32>\osk.exe'
- '<SYSTEM32>\control.exe'
- '<SYSTEM32>\mmc.exe' "<SYSTEM32>\compmgmt.msc"
- '<SYSTEM32>\mspaint.exe'
- %TEMP%\1.tmp\a.bat
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'