Техническая информация
- '<SYSTEM32>\taskkill.exe' /pid=4008
- '<SYSTEM32>\taskkill.exe' /pid=4080
- '<SYSTEM32>\taskkill.exe' /pid=756
- '<SYSTEM32>\taskkill.exe' /pid=3264
- '<SYSTEM32>\arp.exe' /pid=3704
- '<SYSTEM32>\arp.exe' /pid=3796
- '<SYSTEM32>\arp.exe' /pid=1076
- '<SYSTEM32>\arp.exe' /pid=3264
- '<SYSTEM32>\taskkill.exe' /pid=3660
- '<SYSTEM32>\taskkill.exe' /pid=3768
- '<SYSTEM32>\shutdown.exe' /f /im explorer.exe
- '<SYSTEM32>\arp.exe' /pid=3060
- '<SYSTEM32>\taskkill.exe' /pid=3184
- '<SYSTEM32>\taskkill.exe' /pid=1608
- '<SYSTEM32>\taskkill.exe' /f /im explorer.exe
- '<SYSTEM32>\taskkill.exe' /pid=3060
- '<SYSTEM32>\taskkill.exe' -d *
- '<SYSTEM32>\wscript.exe' "%WINDIR%\system\1.vbs"
- '<SYSTEM32>\arp.exe' -d *
- '<SYSTEM32>\shutdown.exe' -r -t 180 -c "µзДФ±Ј»¤ЎЄЎЄ3·ЦЦУ№Ш»ъ "
- '<SYSTEM32>\arp.exe' /pid=3212
- '<SYSTEM32>\arp.exe' /pid=3960
- '<SYSTEM32>\arp.exe' /f /im explorer.exe
- '<SYSTEM32>\taskkill.exe' /pid=2572
- '<SYSTEM32>\arp.exe' /pid=3528
- '<SYSTEM32>\arp.exe' /pid=3620
- '<SYSTEM32>\taskkill.exe' /pid=3808
- <SYSTEM32>\shutdown.exe
- <SYSTEM32>\arp.exe
- <SYSTEM32>\taskkill.exe
- %WINDIR%\Explorer.EXE
- %WINDIR%\system\1a.vbs
- %WINDIR%\system\2.cmd
- %WINDIR%\system\3.cmd
- %TEMP%\FP1.tmp
- %WINDIR%\system\1.cmd
- %WINDIR%\system\1.vbs
- %TEMP%\FP1.tmp
- ClassName: '(null)' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'