Technical Information
- %HOMEPATH%\Start Menu\Programs\Startup\USВ Driver.lnk
- '<SYSTEM32>\wscript.exe' "%WINDIR%\Vss\Writers\System\tart0.vbs"
- '%WINDIR%\Vss\Writers\System\Protein.exe' -p123 -d%WINDIR%\Vss\Writers\System
- '<SYSTEM32>\wscript.exe' "%WINDIR%\Vss\Writers\System\2.vbs"
- '<SYSTEM32>\taskkill.exe' /f /im ksde.exe
- '<SYSTEM32>\taskkill.exe' /f /im avp.exe
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\Vss\Writers\System\2.bat" "
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\Vss\Writers\System\tart0.bat" "
- AVP.EXE
- %WINDIR%\Vss\Writers\System\config.json
- %WINDIR%\Vss\Writers\System\csrs.exe
- %WINDIR%\Vss\Writers\System\tart0.vbs
- %WINDIR%\Vss\Writers\System\svchost.vbs
- %WINDIR%\Vss\Writers\System\tart0.bat
- %WINDIR%\Vss\Writers\System\Protein.exe
- %WINDIR%\Vss\Writers\System\2.bat
- %WINDIR%\Vss\Writers\System\start.bat
- %WINDIR%\Vss\Writers\System\2.vbs
- ClassName: '' WindowName: ''
- ClassName: 'EDIT' WindowName: ''