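Техническая информация
(Подзаголовки разделов в этой копии не сохранились; повторяющиеся ниже пути, по-видимому, относились к разным категориям действий образца — сверяйте с исходным отчётом.)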
- %PROGRAM_FILES%\msst.exe
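- <SYSTEM32>\taskkill.exe /im egui.exe /f
- <SYSTEM32>\rundll32.exe C:\shiew.dll,RKTV
- <SYSTEM32>\sc.exe delete ekrn
- <SYSTEM32>\taskkill.exe /im ekrn.exe /f
  Примечание: egui.exe и ekrn.exe — компоненты антивируса ESET (графический интерфейс и служба ядра). Эти команды принудительно завершают его процессы и удаляют службу ekrn, то есть отключают защитное ПО. Запуск taskkill.exe и sc.exe с такими аргументами, а также rundll32.exe с библиотекой из корня диска стоит отслеживать в журналах создания процессов.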
- ekrn.exe
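- %WINDIR%\Fonts\pci.sys
  Примечание: штатный драйвер pci.sys находится в %WINDIR%\System32\drivers; файл с таким именем в каталоге Fonts нетипичен и, вероятно, маскируется под системный драйвер.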
- C:\shiew.dll
- %PROGRAM_FILES%\msst.exe
- C:\shiew.dll
- %PROGRAM_FILES%\msst.exe
- C:\shiew.dll
- %WINDIR%\Fonts\pci.sys
- ClassName: '' WindowName: ''