powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\Public\Documents\朓杆朓朏杓朊木朽朊朽朽朻朌朱朊\svchost.exe" -Force
2800powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\test22\AppData\Local\Temp\101.exe" -Force
2624powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\Public\Documents\朓杆朓朏杓朊木朽朊朽朽朻朌朱朊\svchost.exe" -Force
656AdvancedRun.exe "C:\Users\test22\AppData\Local\Temp\49f01170-868e-4fa0-b0e0-7477ab9be03f\AdvancedRun.exe" /EXEFilename "C:\Users\test22\AppData\Local\Temp\49f01170-868e-4fa0-b0e0-7477ab9be03f\test.bat" /WindowState ""0"" /PriorityClass ""32"" /CommandLine "" /StartDirectory "" /RunAs 8 /Run
2572powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\test22\AppData\Local\Temp\101.exe" -Force
3060101.exe C:\Users\test22\AppData\Local\Temp\101.exe
2492