Техническая информация
- '<SYSTEM32>\cmd.exe' /c "%WINDIR%\temp\bcdedit.bat"
- '<SYSTEM32>\cmd.exe' /c "%WINDIR%\temp\cle.bat"
- '<SYSTEM32>\cmd.exe' /c "%WINDIR%\temp\wmic.bat"
- '<SYSTEM32>\wbem\wmic.exe' OS Get DataExecutionPrevention_SupportPolicy
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp3.tmp
- %TEMP%\tmp1.tmp
- %TEMP%\tmp2.tmp
- C:\bcdedit.bat
- %WINDIR%\Temp\cle.bat
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %WINDIR%\Temp\bcdedit.bat
- %TEMP%\1d128.tmp
- %TEMP%\1d196.tmp
- %TEMP%\1d07a.tmp
- %TEMP%\1d0d9.tmp
- %WINDIR%\Temp\wmic.bat
- %WINDIR%\Temp\AlwaysOff.txt
- %TEMP%\1d1f5.tmp
- %TEMP%\1d234.tmp
- %WINDIR%\Temp\bcdedit.bat
- %TEMP%\tmp3.tmp
- %TEMP%\tmp2.tmp
- %WINDIR%\Temp\wmic.bat
- %WINDIR%\Temp\Perflib_Perfdata_7e8.dat
- %WINDIR%\Temp\AlwaysOff.txt
- %TEMP%\tmp1.tmp
- %TEMP%\1d128.tmp
- %TEMP%\1d0d9.tmp
- %TEMP%\1d07a.tmp
- %TEMP%\1d234.tmp
- %TEMP%\1d1f5.tmp
- %TEMP%\1d196.tmp
- '<IP-адрес в локальной сети>':3004
- '<IP-адрес в локальной сети>':3005
- '<IP-адрес в локальной сети>':3003
- '<IP-адрес в локальной сети>':3001
- '<IP-адрес в локальной сети>':3002
- ClassName: '' WindowName: 'TQMCenter.exe'
- ClassName: '' WindowName: 'BnSCrashReport'
- ClassName: '' WindowName: 'bugreport.exe'
- ClassName: '' WindowName: 'TP3Helper.exe'
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: 'TenioDL.exe'
- ClassName: '' WindowName: 'TenSafe_1.exe'